Computer Using Agents on Secure Cloud VMs That Run Forever
Most agent infrastructure runs workloads in shared environments, one compromised agent affects everything else. Coasty gives every AI agent its own isolated VM. No shared processes, no noisy neighbors, no blast radius. Each agent spins up sandboxed and tears down cleanly. True isolation. Not a container in a shared pool, a dedicated VM. Undercuts AWS & GCP. Built for agents, not retrofitted compute. Running code execution, browser automation, or multi-agent pipelines? Visit coasty.ai
Hey everyone, I'm Prateek, co-founder of Coasty. We didn't start here. Our first product was an LLM aggregation tool. When we analyzed 14,000+ agent interaction logs, we noticed the real bottleneck wasn't the models. It was operating legacy desktop software end to end. Payer portals, EHRs, freight TMS systems. Software with no API, just a screen. So we built an agent that uses the computer the way a person does. It clicks, types, reads screens, and knows when to hand off to a human. We scored 82.81% on OSWorld Verified (359 tasks), independently evaluated, which puts us near the top of the leaderboard. Happy to answer anything about how the agent works, where it fails, and what it took to get it reliable enough for regulated work.
For the developers here! Coasty is also available as an API. You send a task in plain language, the agent gets a fresh environment, does the work, and returns structured results plus a full action log. Every click and keystroke is recorded, so you can replay exactly what the agent did. Setup takes 2 to 5 minutes per environment, then the agent runs unattended until the task is done or it decides a human should take over. It's modular so you can use the predict part of the harness to write an instruction for your own screenshots or any other part of the system. The pricing is fully transparent for every type of call you could make(at the end of Docs). Docs are at Coasty/Docs. The quickstart gets you to a first running task in a few minutes. If you build something with it, tell me. I read everything in this thread.
how does the per-VM teardown actually handle stateful workloads like browser automation where you need session persistence across multiple steps
@irahimiam It keeps the state of the VM(doesn’t reset) and a snapshot when the VM fails for some reason, so you can restore and continue.
@nitish_kovuru That’s simpler than I expected. Does Coasty rely mainly on observing the UI like a human user, or does it also learn workflows over time to become more reliable with repeated tasks?
Driving legacy desktop software by pixels is a nightmare I know too well from automating my own stuff. How does Coasty stay reliable when a window shifts or a modal pops mid-task, does it re-read the screen each step or follow a recorded path? The surprise dialog is always where mine breaks.
@prateek_j1 makes sense for the source data, but the follow-up is really about the action log itself. if every click/keystroke gets recorded so customers can replay what the agent did, that recording is capturing the same screen contents, including PHI on screen at the time. is that replay log covered by the same zero-retention policy, or does it persist somewhere (customer's own environment vs yours) since replay-ability kind of requires it to exist for at least some window
@chielephant That's why we've focused a lot on our recovery systems and making sure the agent gets back on track for pop-ups and unexpected changes. It verifies the screen after every step.
@sevgiuurelukag Our VMs last forever, irrelevant of the tasks or the number of steps. And we specialize in long-horizon tasks(30m+), so we deal with this all the time.
Congrats on the launch! The runs forever part is what stood out most agent VMs die when the session ends. Does it keep state between tasks, or reset each time?
Running legacy software like a human sounds like a practical use case for computer-use agents. I’m curious how much setup is typically needed before an agent can reliably interact with an existing application.
What made you start with healthcare prior auth instead of going horizontal from day one?
@prateek_j1 given you started with prior auth and EHRs, the "every click and keystroke recorded so you can replay exactly what the agent did" part raises a real question for that use case specifically: those replays and screenshots would routinely contain PHI on screen. where does that action log live, who can access it, and what's the retention/deletion policy on it, since the audit trail itself becomes a second copy of sensitive patient data that needs the same protection as the source system
@amjad_shaik Not much setup is required! Just download the local version of Coasty and run it.
@steven_snider We were horizontal haha. We’re still exploring which vertical to focus on but prior auth and healthcare was one of the first.
@prateek_j1 @galdayan So yeah, the enterprise platform is much different as you pay for compliance and HIPAA, our zero-data retention policies and security systems so none of the data is stored on our side, just acted upon.
@nitish_kovuru @amjad_shaik The former but we're also training our models on the data to make it even better!
@galdayan Great question. We treat replay artifacts differently from ordinary logs. If a session shows PHI, any screen replay, DOM snapshot, OCR text, typed values, or screenshot is considered sensitive ePHI-bearing data. For healthcare deployments, our default posture is: no raw screen replay is persisted in Coasty-controlled infrastructure. We retain a structured audit trail of agent actions, while full replay can be disabled, redacted, short-lived, or stored only in the customer’s own environment under their retention policy. So “zero retention” applies to raw PHI-bearing session content unless the customer explicitly enables replay under a BAA/security agreement. In that case, the retention window, storage location, access controls, and deletion policy are configured contractually, ideally customer-owned storage/VPC with strict TTL and audit access.