In a move to strengthen the security of the software development lifecycle, Keeper Security, a leading provider of zero-trust cybersecurity software, has launched a new extension for Visual Studio Code. This integration brings the company's enterprise-grade secrets management directly into the developer's coding environment, enabling teams to securely handle credentials, API keys, and tokens without leaving their workflow. The extension is designed to prevent the dangerous practice of hardcoding secrets into source code, a common vulnerability that attackers frequently exploit.
Keeper Security has launched a new secrets management extension for Visual Studio Code.
The extension integrates zero-trust, zero-knowledge security directly into developer workflows.
It allows developers to save, retrieve, and generate secrets from their Keeper Vault within the IDE.
A key feature is automatic detection of hardcoded credentials in the codebase for remediation.
The tool supports both Keeper Commander CLI and Keeper Secrets Manager operations.
The goal is to reduce secret sprawl and enforce security without slowing down innovation.
The Keeper VS Code extension addresses a critical vulnerability in modern software development: the mishandling of sensitive information. By allowing developers to save, retrieve, and generate secrets directly from their Keeper Vault, the tool eliminates the need to expose API keys, tokens, or certificates in plaintext within configuration files or source code. This seamless integration ensures that security is embedded into the development process from the very beginning, supporting both individual developers and large-scale enterprise requirements.
The extension provides a suite of features designed to empower developers and security teams alike. Beyond basic secrets management, it includes automated secret detection to identify hardcoded credentials for immediate remediation. Developers can also securely execute commands with secrets injected directly from the vault, and access comprehensive logging and debug tools for full operational transparency and troubleshooting.
Craig Lurey, CTO and Co-founder of Keeper Security, emphasized the strategic importance of this integration, stating, “Developers play a critical role in securing the software supply chain. Integrating Keeper directly into Visual Studio Code empowers teams to develop securely from the start. By embedding zero-trust principles into their workflows, developers can protect secrets and maintain compliance without slowing innovation.”
This launch extends the reach of the KeeperPAM® platform, a unified privileged access management solution. Built on a zero-trust, zero-knowledge architecture, KeeperPAM combines secrets management with other critical security functions. The VS Code extension is a key component in helping organizations enforce least-privilege access, automate credential rotation, and maintain detailed audit trails, thereby reducing the risk of breaches originating from compromised development secrets.
About Keeper Security
Keeper Security is one of the fastest-growing cybersecurity software companies that protects thousands of organisations and millions of people in over 150 countries. Keeper is a pioneer of zero-knowledge and zero-trust security built for any IT environment. Its core offering, KeeperPAM®, is an AI-enabled, cloud-native platform that protects all users, devices and infrastructure from cyber attacks. Recognised for its innovation in the Gartner Magic Quadrant for Privileged Access Management (PAM), Keeper secures passwords and passkeys, infrastructure secrets, remote connections and endpoints with role-based enforcement policies, least privilege and just-in-time access.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.