Security & Compliance
Security features and compliance capabilities
Security Model
KEAMS implements multiple layers of security to protect your endpoints and data.
Authentication & Authorization
- Installation tokens for agent deployment
- HMAC-SHA256 command signing
- Role-based access control (RBAC)
- Multi-tenant data isolation
- Session-based authentication
Network Security
- TLS 1.3 encryption for all connections
- WebSocket secure connections (WSS)
- Cloudflare DDoS protection
- Rate limiting and abuse prevention
Zero Trust Architecture
Every command and connection is authenticated and authorized. No implicit trust is granted.
Data Security
| Data Type | Protection Method |
|---|---|
| Agent Credentials | Windows DPAPI encryption |
| Database Records | Multi-tenant row-level isolation |
| Command Signatures | HMAC-SHA256 with secret key |
| Remote Sessions | Encrypted WebSocket tunneling |
| File Transfers | Size limits + path traversal protection |
Audit & Compliance
Comprehensive audit logging ensures you can track all actions and maintain compliance.
- 64+ event types with structured logging
- Immutable audit trail
- User action tracking
- Command execution history
- Remote session recordings
- Lockdown duration metrics
Event Categories
// Event Type Categories
- Registration & Connection Events
- Lockdown & Security Events
- Agent Update Events
- Remote Session Events
- Command Execution Events
- Health & Performance Events
- Configuration Changes
- File Operations