Protect source code and development environments.
Move development from unmanaged laptops into self-hosted, governed environments on your infrastructure. Centralize controls and keep source code secure.


Laptops weren't designed to be your security perimeter
Source code, credentials, and development tools often live on developer laptops outside centralized controls. As teams grow, organizations face unmanaged access and limited visibility. Coder moves development onto infrastructure you control, with access, dependencies, and tooling managed centrally instead of laptop by laptop.
Source code containment
- Workspaces run on your cloud, on-prem, or air-gapped infrastructure.
- Source code, credentials, and tooling stay inside your infrastructure.
- Keep secrets in your existing vault.
Network isolation
- Workspaces run in isolated networks with template-defined allow lists.
- Agent Firewall extends default-deny network policies to AI coding agents.
- Allow and deny decisions are all logged centrally.
Identity and audit
- SSO and SCIM integration with your existing identity provider.
- Every workspace and agent action is attributed to a named user.
- Audit events export to your SIEM.
- SOC 2 Type II certified.
Enterprises deploying Coder at scale.
One or two clicks and developers can start working. Sharing reports, exposing ports. It's all built-in. And because it's hosted remotely, we don't need expensive laptops or worry about local Docker vulnerabilities.
Build with tools you love



With Coder, development happens on infrastructure you control. Platform and security teams gain centralized visibility, access controls, and governance while developers work in secure, reproducible self-hosted environments.
Centralized and isolated workspaces
- Workspaces run on your cloud, on-prem, or air-gapped infrastructure, accessible from any IDE.
- Configure network policies per template with explicit allow lists for sanctioned services.
- Source code, credentials, and tooling stay inside your perimeter, never on endpoint laptops.

Access control and audit logging
- SSO and SCIM integration with your existing identity provider applies to every developer and agent.
- Every workspace and agent action is attributed to a named user.
- Audit events stream to your SIEM.
- SOC 2 Type II certified.

Built for regulated industries
- Deploy on cloud, on-prem, or air-gapped infrastructure to meet data residency requirements.
- Used by U.S. Defense Intelligence Organization with centralized ATO compliance for 2,500+ developers.
- Open source core, fully inspectable architecture, and a public security policy for review.






