Datasheet · Security

Security & Compliance Overview

A concise reference for the security architecture, controls, and compliance posture of the Coconut Cloud Browser — written for security architects and compliance leads.

  • Per-session: Ephemeral isolation
  • E2E: TLS-encrypted streaming
  • Zero: Local data residency
  • Audited: Every session, optionally

Key capabilities

What you get out of the box

Full session isolation

Each browsing session runs in a single-tenant container, destroyed at session end.

Data stays in the cloud

Files, cookies, and credentials live in the container — never on the endpoint.

Identity-first access

Every session is gated by your IdP with MFA enforced by your existing policy.

Granular policy

URL filtering, clipboard, uploads, downloads, printing, watermarking, and screenshot blocking.

Comprehensive audit

Per-session audit logs cover access, policy events, and admin actions; exportable to SIEM.

Network egress control

Outbound traffic is policy-controlled and observable, simplifying SaaS access governance.

How it works

Three steps from zero to secure

1. Authenticate

User authenticates through your IdP with MFA, then receives a session token.

2. Isolate

A clean Chromium container spins up in-region and streams to the user over an encrypted channel.

3. Audit and destroy

On disconnect, the container and its data are destroyed; logs are persisted per policy.

Specifications

At a glance

  • Isolation boundary: Single-tenant container per session, hardware-virtualized
  • Encryption in transit: TLS 1.3; WebRTC DTLS-SRTP for media streaming
  • Encryption at rest: AES-256 for any persisted artifacts (audit logs, configuration)
  • Identity: SAML 2.0, OIDC; MFA enforced upstream by IdP
  • Data residency: Pin sessions and logs to a specific region (US, EU, UK, APAC)
  • Logging: Session, policy, and admin audit logs; SIEM export (Splunk, Sentinel, Chronicle)
  • Vulnerability mgmt: Continuous Chromium patching; managed CVE response
  • Pen testing: Annual third-party penetration tests; reports under NDA

Compliance

Standards we align with

  • SOC 2 Type II controls aligned
  • GDPR-aligned data handling with regional residency
  • HIPAA-aligned workflows available with BAA
  • Aligns with NIST SP 800-207 Zero Trust Architecture
  • Supports PCI DSS v4.0 scope reduction strategies

Get the deep-dive security briefing

Book a 30-minute live walkthrough with our team.