Web browsing is now the primary attack vector for organizations: phishing, ransomware, malware, and zero-day vulnerabilities are most often delivered through the browser.
In this environment of constant threat, the most exposed organizations like public administrations, essential infrastructure, and large industrial groups require objective, independent guarantees regarding the cybersecurity solutions they deploy.
In this context that VirtualBrowser announces it has obtained the an important security certification (Certification de Sécurité de Premier Niveau, a.k.a. CSPN) issued by French cybersecurity agency ANSSI. This makes VirtualBrowser the first RBI-based web browsing security solution certified by the French National Cybersecurity Agency.
What is the CSPN certification?
The CSPN (Certification de Sécurité de Premier Niveau) is an official cybersecurity certification issued by ANSSI, the French National Cybersecurity Agency, following a rigorous evaluation conducted by an independent, ANSSI-approved laboratory.
Its purpose is to formally validate:
- the real-world robustness of a cybersecurity solution,
- the effectiveness of its protection mechanisms,
- its resistance to concrete attack scenarios, tested under conditions close to real operational environments.
Unlike vendor self-claims or internal audits, the CSPN provides an independent, third-party validation. This level of assurance is particularly sought after in sensitive and highly regulated environments, where security claims must be demonstrable and verifiable.
Official recognition for secure enterprise web browsing
With this certification, VirtualBrowser reaches a major milestone: the security promise of the solution is now independently validated by ANSSI, one of Europe’s most respected cybersecurity authorities.
VirtualBrowser therefore becomes the first web browsing security solution to receive this certification, confirming the strength and credibility of its technological approach against browser-based threats.
“This CSPN certification marks an important step in the development of our solution. We work with organizations that sometimes operate at extremely high levels of sensitivity and require strong, objective guarantees regarding the robustness of the cybersecurity solutions they deploy.”
Édouard de Rémur, CEO of VirtualBrowser
A radical approach: isolating web browsing by design
Faced with the growing volume and sophistication of cyber threats, many organizations have accumulated defensive measures over time: dual workstations for sensitive environments, large-scale blocking of uncategorized websites, heavy manual validation processes.
While these approaches can reduce exposure, they often come at a high cost in terms of productivity and user experience.
VirtualBrowser takes a fundamentally different path, one based on a true protocol break.
Instead of executing web browsing locally on the user’s device, VirtualBrowser moves the execution of web sessions to a remote server, hosted either in the cloud or within the organization’s own infrastructure.
In practice:
- web pages are executed remotely,
- only a visual stream (pixels) is rendered in the user’s standard browser,
- no web code ever reaches the endpoint,
- each browsing session is fully isolated, ephemeral, and automatically destroyed at the end of use.
The result: web threats are neutralized by design, without agents, without plugins, and without changing how users work.
Secure web browsing, whatever the use case
The CSPN certification validates VirtualBrowser’s ability to address a broad range of browser-related risks, including:
- phishing and smishing attacks,
- malware, ransomware, and zero-day exploits,
- protection against browser fingerprinting,
- secure access to uncategorized or potentially risky websites,
- use of web applications considered high-risk (video conferencing tools, personal messaging apps, LLM-based services),
- access to corporate systems from unmanaged devices (contractors, partners),
- web investigations conducted by SOC or OSINT teams,
- secure browsing while mobile or from sensitive locations.
All of this is delivered with a smooth, transparent, and frictionless user experience.
A key milestone for the most sensitive environments
This CSPN certification further strengthens VirtualBrowser’s ability to support:
- public administrations and government bodies,
- operators of essential or critical infrastructure,
- large industrial and technology-driven enterprises that must balance high security requirements, regulatory compliance, and operational continuity.
“This need for reassurance is even more critical for operators of vital infrastructure that have deployed our solution across their entire workforce and for all web usage, including video conferencing.”
Édouard de Rémur, CEO of VirtualBrowser
Conclusion
With the CSPN certification, VirtualBrowser confirms:
- the maturity and robustness of its technology,
- the relevance of its pixel-based web isolation approach,
- and its ability to meet the stringent requirements of critical and highly regulated environments.
This official recognition by ANSSI represents a structuring milestone in VirtualBrowser’s development and opens new opportunities with organizations that demand the highest level of cybersecurity assurance.
👉 Want to learn more or see VirtualBrowser in real conditions? Contact us.
Frequently Asked Questions about the CSPN certification
What exactly is the CSPN certification?
The CSPN is an official certification issued by ANSSI after a rigorous evaluation conducted by an independent, accredited laboratory. It validates the robustness of a cybersecurity solution, the effectiveness of its protection mechanisms, and its resistance to realistic attack scenarios.
To view the official certificate issued by ANSSI, click here.
Is the CSPN certification recognized internationally?
Yes and no.
Yes, in the sense that ANSSI is widely regarded as one of the most demanding and respected cybersecurity authorities in Europe. A certification issued by ANSSI therefore carries strong credibility among organizations familiar with European cybersecurity standards.
In Germany, a mutual recognition agreement exists between ANSSI and the Federal Office for Information Security (BSI). This agreement enables reciprocal recognition of certain security certifications, avoiding duplicate evaluations. Learn more here (in French).
And no, in the sense that CSPN remains a French national certification, issued by a French authority and formally applicable within France.
Why is the CSPN certification important for VirtualBrowser?
The CSPN provides an independent validation of VirtualBrowser’s security claims. Unlike internal audits or vendor statements, it is delivered by ANSSI, France’s reference authority for cybersecurity.
This recognition is particularly important for sensitive and regulated organizations — such as public administrations, critical infrastructure operators, and large industrial groups — that require objective assurance when selecting cybersecurity solutions.
It is also a source of pride and recognition for our technical teams, leadership, and shareholders, whose long-term confidence in the technology is now validated by a credible external authority.
Is VirtualBrowser really the first web browsing solution certified under CSPN?
Yes. VirtualBrowser is the first Remote Browser Isolation-based security solution to obtain the CSPN certification issued by ANSSI. This recognition confirms the strength of VirtualBrowser’s technological approach in addressing browser-based threats.
How does VirtualBrowser’s web isolation work in practice?
VirtualBrowser executes web browsing sessions on a remote server, hosted either in the cloud or within the organization’s own infrastructure. Web pages are executed remotely, and only a visual stream (pixels) is rendered in the user’s browser. No web code reaches the endpoint. Each session is isolated, ephemeral, and automatically destroyed, neutralizing threats by design. It's called Remote Browser Isolation.
What hosting options are available?
VirtualBrowser offers two main deployment options:
- Cloud hosting: rapid deployment, automatic scalability, and simplified infrastructure management, which is ideal for organizations seeking flexibility.
- On-premise : hosted directly within the organization’s infrastructure, managed either by the organization or by VirtualBrowser. This option is often favored by public administrations, critical infrastructure operators, and organizations with strict sovereignty or control requirements.
Both options provide the same level of security and user experience. The choice depends on regulatory constraints, security policies, and operational preferences.
What types of threats does VirtualBrowser neutralize?
VirtualBrowser protects against a wide range of browser-based threats: phishing and smishing attacks, malware, ransomware, zero-day exploits, fingerprinting, and risks related to uncategorized websites or high-risk web applications (video conferencing, personal messaging tools, LLMs).
Does VirtualBrowser require agents, on-device software, or plugins?
No. VirtualBrowser is completely agentless and requires no software installation or plugins. It works transparently within users’ existing workflows.
Can VirtualBrowser be deployed across an entire organization?
Yes. VirtualBrowser can be deployed for all users and for all web usage, including video conferencing. Several critical infrastructure operators have already chosen this organization-wide deployment model.
Which use cases does VirtualBrowser cover?
VirtualBrowser supports many use cases: secure access to uncategorized websites, use of high-risk web applications, access to corporate systems from unmanaged devices, web investigations by SOC or OSINT teams, and secure browsing while mobile or in sensitive regions.
To explore concrete use cases, download our guide.
Is VirtualBrowser suitable for the most sensitive environments?
Yes. The CSPN certification reinforces VirtualBrowser’s suitability for public sector organizations, critical and essential infrastructure operators, and large industrial and technology-driven enterprises with high security and compliance requirements.
Does remote browser isolation impact user experience?
No. VirtualBrowser delivers a smooth, transparent, and frictionless experience. Unlike traditional approaches (dual workstations, mass blocking, heavy procedures), it preserves normal web usage while ensuring a high level of security.
Where are browsing sessions hosted?
Browsing sessions can be hosted in the cloud or on-premise, depending on the organization’s requirements and preferences.
How can I learn more or request a demo?
To learn more about VirtualBrowser or see the solution in real conditions, contact our team or meet us at one of our upcoming events.
