Cloud browser · now in public preview
One click.
A cloud browser
for your agent.
Browsernaut gives AI agents a real, stealthy Chromium session in the cloud — over MCP or raw CDP — in under 400 ms. No infra, no patched images, no captcha walls where they shouldn't appear.
MCP-native
CDP WebSocket
Stealth by default
< 400 ms cold start
— WHY BROWSERNAUT
An overview of what's inside — built around how agents actually run a browser, not how a human clicks one.
Headed antidetect Chrome with a free CF challenge pass.
Advanced stealth: real headed Chromium with rotated fingerprints, human timing, and a built-in Cloudflare challenge pass — included on every plan. Not headless, not patched, not flagged.
AGENTS · MCP
Built for AI agents — MCP-native, model-agnostic.
Drop-in for Claude Desktop, Cursor, ChatGPT custom apps, and your own orchestrator. The tool surface is auto-discovered and versioned, so you don't pin schemas — when we ship, your agent just gets more capabilities. Typed contracts mean no hallucinated APIs.
ZERO TRUST
Independent microVMs. Zero-trust by architecture.
Every session boots a fresh, fully independent Firecracker microVM — no pool, no recycled IDs, no shared filesystem, no shared kernel. Disk is destroyed on close. SOC 2 in progress, BAA + SAML SSO on Enterprise.
Scale a single browser from 1× to 8× on demand.
Merge concurrency slots into one session — more vCPU, more RAM, higher bandwidth. Same API, no infra changes. Pay only for what you actually burn.
$0.001 per minute. That's the final price.
No hidden traffic charges, no per-action fees, no surprise overage on 'features'. The minute-rate already includes compute, egress baseline, fingerprint engine, and CF pass.
CONNECTIVITY
Four ways in: MCP · CDP · REST · typed SDK.
MCP for agents; CDP WebSocket for Playwright, Puppeteer, and Selenium; REST for managing browsers and integrating into your stack via API; first-class TypeScript, Python, and Go SDKs. One credential, four equally supported entry points.
Bring your own proxy — or use our residential pool.
BYOP is free on every plan: HTTP, HTTPS, SOCKS5, per-session or per-request, your egress and your residency. Need clean residential IPs without the procurement headache? Our managed residential proxy is metered and one toggle away.
How it works
Request a session
Call launch() from the SDK, hit the REST endpoint, or connect your MCP client. You get a CDP WebSocket back.
Drive the browser
Any CDP-compatible client works — Playwright, Puppeteer, our SDK, or an LLM over MCP. No patched images required.
Stay undetected
Fingerprint rotation, human-like timing, and stealth patches are on by default. Attach your own proxy for egress — we handle the browser surface.
Teardown & replay
Sessions auto-persist logs, screenshots, and a full trace. Replay any run, debug what the agent saw, share a permalink.
Systems
MCP server
Drop-in MCP server exposing browser primitives — open, click, read, type, screenshot — with typed tools your LLM can discover.
CDP endpoint
Direct WebSocket to Chromium DevTools Protocol. Works with Playwright, Puppeteer, and anything that speaks CDP.
Typed SDK
First-class TypeScript and Python SDKs. Helpers for auth, retries, and pagination. Batteries included, zero magic.
Stealth by default
Fingerprint rotation, human-like timing, patched JS-surface. No captcha wall on routine reads.
Sessions & replay
Every run gets video, DOM snapshots, and network logs. Replay a failure, share a link, debug deterministically.
Bring your own proxy
Attach any HTTP or SOCKS proxy per session. You control egress, residency, and compliance — we run the browser.
One install. One API key. Works with the stack you already have — Playwright, Puppeteer, MCP, or direct CDP.
TypeScript
Python
cURL
How it works
Type-safe, boringly predictable. Works with the stack you already have.
TypeScript
Python
cURL
Coming soon — see docs
Pricing
/ month
For solo builders and weekend projects.
100 browser-minutes / mo
1 concurrent session
Community Discord
All SDK features
Get started
For teams shipping agents to prod.
10,000 browser-minutes / mo
25 concurrent sessions
Session replay + traces
Priority support
Start on Pro
Custom
SLA, SSO, on-prem — call us.
Unlimited concurrency
SSO / SAML, SOC 2 report
On-prem or VPC peering
24/7 pager, named SRE
Talk to sales
No free trial credits — every paid plan includes a real quota from day one.
Detailed comparison
Usage
Browser-minutes / mo
10,000
Unlimited
Concurrent sessions
Cold start (p50)
< 400 ms
< 400 ms · pinned warm pool
Max session duration
15 min
Configurable
Protocols & SDK
CDP WebSocket
MCP server
TypeScript + Python SDK
REST API
Session artifacts
Retention window
24 h
30 days
Custom · up to 1 y
Video replay
DOM + network trace
Shareable permalinks
Network & isolation
Bring-your-own proxy
Per-session microVM
Static egress IPs
Add-on
VPC peering / on-prem
Access & identity
API keys
1 key
Unlimited · scoped
Team members
SSO / SAML
Audit log
90 days
Forever
Compliance
SOC 2 Type II report
On request
GDPR DPA
Custom MSA / ISO 27001
Support
Channel
Priority email + Slack
24/7 pager
Response time SLA
Best effort
8 business hrs
15 min · 24/7
Named SRE
Uptime SLA
99.9 %
99.99 %
Security & Compliance
Every session runs in a fresh Firecracker microVM and is destroyed on close. No retained cookies, profiles, or browsing state by default — nothing to share, nothing to leak.
Per-session microVM
Each browser runs in its own Firecracker microVM. No shared filesystem, profile, or cookies.
Ephemeral by default
On session end, runtime, profile, cache, localStorage, and temp files are destroyed.
No retained browsing data
No persistent profiles, no retained cookies, no server-side cookie storage.
Scoped CDP credentials
Each CDP endpoint is bound to one session with a scoped token. No cross-session access.
Live observability
Watch any session live from your side. Recordings are not stored — retention is yours.
Opt-in persistence
Persistence is opt-in via encrypted import/export to your storage. Default is stateless.
Zero-trust infrastructure
No shared secrets, no implicit trust, no flat network. Compromise of one node grants no lateral access.
Verified supply chain
Signed and verified at each stage — build, test, deploy, session start. Keyless cosign signing.
— MERGING
Combine multiple sessions into one. CPU, memory, and bandwidth merge linearly. You spend N concurrency slots from your plan, you get one session with N× the power.
● 1× SESSION — Standard browser session
1 vCPU
2 GB RAM
5 Mbps
25 Mbps
1 slot
Standard automation, most agent workloads
● 2× MERGED — Two sessions merged
2 vCPU
4 GB RAM
10 Mbps
50 Mbps
2 slots
Heavier pages, parallel tabs
● 4× MERGED — Four sessions merged
4 vCPU
8 GB RAM
20 Mbps
100 Mbps
4 slots
Large SPAs, long traces, memory-heavy flows
● 6× MERGED — Six sessions merged
6 vCPU
12 GB RAM
30 Mbps
150 Mbps
6 slots
Dense DOMs, intensive rendering
● 8× MERGED — Eight sessions merged
8 vCPU
16 GB RAM
40 Mbps
200 Mbps
8 slots
Heaviest workloads, near-desktop parity
EGRESS · BASE
EGRESS · BURST
CONCURRENCY COST
MAX SESSION
24h (longer runs supported, best-effort)
ISOLATION
Per-merge microVM, no shared state
USE CASE
Egress is fair-use across all sizes. BYOP available on every plan, or use Browsernaut proxy at $4/GB.
Session merging is available on every plan. Spend your concurrency parallel or merged — your call.
See plans →
— LIVE NUMBERS · MEASURED IN PRODUCTION
Start building
View the docs
Launch a browser
Join Browsernaut
Cloud browsers for autonomous agents.
© 2026 Browsernaut Labs, Inc.
Features
Pricing
Changelog
Status
Documentation
SDK reference
MCP server
Examples
About
Blog
Careers
Contact
Privacy
Terms
Acceptable use
Security