// Trust & Security Report

    Windsurf (formerly Codeium), now operated by Cognition AI as Devin Desktop logo

    Windsurf (formerly Codeium), now operated by Cognition AI as Devin Desktop

    AI coding assistant / agentic IDE (Codeium autocomplete, Windsurf IDE / Cascade agent, Windsurf for JetBrains, now rebranding to Devin Desktop with Devin Cloud/Local agents)

    Certifications held

    3

    Maturity

    Enterprise

    Trains on your data

    No

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type II
    HELD

    We have received our SOC 2 Type II report, certifying that a third party auditor has confirmed over an extended period of observation that we back our security and privacy stance, complete with vulnerability scans and penetration tests. ... performed by Prescient Assurance.

    Verify on devin.ai
    HIPAA
    HELD

    HIPAA is not listed on the vendor trust center or current security documentation that could be directly verified. Third-party reports mention HIPAA BAA availability for enterprise, but no vendor-domain proof was confirmed.

    Verify on trust.windsurf.com
    FedRAMP High (Windsurf/Codeium Extensions, IL5, ITAR)
    HELD

    Windsurf Extensions (previously Exafunction Codeium) have achieved FedRAMP High authorization. Windsurf Extensions are IL5 (Impact Level 5) compliant for the Department of Defense (DoD). Windsurf's FedRAMP solution and processes around access enable us to handle ITAR data. Listed on the FedRAMP Marketplace (FR2315464863); announced March 10, 2025. The trust center also lists downloadable 'FedRAMP Accreditation and ATO Artifacts' and a 'FedRAMP NIST SP 800-53 CRM & CIS Workbook' consistent with an active authorization.

    Verify on windsurf.com
    > Show 2 unconfirmed / not-held certifications
    ISO 27001
    NOT CONFIRMED

    No ISO 27001 certification is claimed or listed on the vendor trust center, security docs, or SOC 2 blog.

    source: trust.windsurf.com
    CMMC 2.0 / NIST SP 800-171
    NOT CONFIRMED

    Trust center lists 'CMMC 2.0 CRM: NIST SP 800-171 Control Mapping' — this is a Customer Responsibility Matrix / control mapping document, not a CMMC certification or assessment award.

    source: trust.windsurf.com

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Not stated

    Data region

    United States. Subprocessor data locations on trust center: GCP us-central1 (Council Bluffs, IA) for cloud infrastructure; AWS us-west-2 (processing); OpenAI Chat API US (processing); Cerebras US, Crusoe us-southcentral-1, CoreSite Santa Clara CA (processing).

    Opt-out by default for all users and contractually excluded for enterprise. Vendor docs state: 'By default, we do not use any of your data for model training purposes unless you explicitly opt-in' and 'If you are an Enterprise customer, we will never train on your data.' Legacy Windsurf/Codeium positioning also advertised zero-data-retention for paid/enterprise seats.

    // Security controls

    Penetration testing

    Yes — third-party pen tests conducted; trust center lists 'Pen Test 2025' as a downloadable report, and the SOC 2 blog cites 'vulnerability scans and penetration tests.'

    trust.windsurf.com

    Bug bounty / vulnerability disclosure

    No public HackerOne or Bugcrowd program. Private coordinated disclosure via email (security@windsurf.com) with GPG encryption required; reports must not be filed through public channels like GitHub issues.

    docs.devin.ai

    Encryption

    All data transmission is encrypted in transit and at rest.

    docs.devin.ai

    Data retention

    Data retained only for the duration of the customer relationship unless otherwise specified; legacy paid seats marketed with zero data retention.

    docs.devin.ai

    Trust center platform

    Powered by Drata; SOC 2 report access gated behind a confidentiality/NDA request.

    trust.windsurf.com

    // Products & data scope

    Codeium (legacy autocomplete / extensions)AI code completion plugin

    data: Code context sent for completions; no training on user data by default. Free individual tier and enterprise.

    Original product; brand folded into Windsurf. The enterprise 'Windsurf/Codeium Extensions' line (formerly Exafunction Codeium) is the FedRAMP High authorized, DoD IL5, ITAR-capable offering and supports self-hosted/hybrid deployment. FedRAMP scope is this Extensions product, not the consumer Windsurf IDE or Devin cloud agents.

    Windsurf IDE (Cascade agent)Agentic AI IDE

    data: Repository/codebase context indexed for agent actions; opt-out of training by default, enterprise never trained on. Free, Pro ($20/mo), Max ($200/mo), Teams ($80/mo + $40/seat), Enterprise.

    Now rebranding over-the-air to 'Devin Desktop' under Cognition; plans, pricing, and legacy Windsurf Enterprise terms carry over.

    Windsurf for JetBrainsIDE plugin (IntelliJ/PyCharm/WebStorm)

    data: Same data-use posture as core Windsurf; continues to be available.

    Maintained as a separate download.

    Devin Desktop / Devin Cloud & Local agentsMulti-agent command center

    data: Manages local and cloud coding agents; enterprise data never used for training; data retained for relationship duration. Cognition Platform (Enterprise) tier.

    New direction under Cognition; consolidates third-party agents (Codex, Claude Agent, OpenCode, Cascade) via Agent Client Protocol.

    // What to watch

    • BRAND/OWNERSHIP TRANSITION: Windsurf (formerly Codeium) is now operated by Cognition AI and is rebranding to 'Devin Desktop'. codeium.com and windsurf.com now redirect to devin.ai / docs.devin.ai. Compliance is increasingly governed by Cognition's legal entity (SOC 2 obtained by Cognition, March 2024). Directory listing should reflect the new owner/brand.
    • FedRAMP High is CONFIRMED, but scoped to Windsurf/Codeium Extensions (the enterprise self-hosted/FedRAMP offering), not the consumer Windsurf IDE, Cascade, or Devin cloud agents. Authorization announced March 10, 2025, FedRAMP Marketplace ID FR2315464863, with DoD IL5 and ITAR data-handling. Earlier draft marked this unknown; that was a missed real certification. HIPAA BAA support is referenced by multiple third-party reports but is not confirmed on current vendor security docs or the trust center, so it remains unknown.
    • CMMC and FedRAMP trust-center entries are control-mapping/responsibility documents (CRM/Workbook), which are commonly mistaken for certifications — they are not.
    • DPA existence is likely (enterprise customers, SOC 2) but no DPA URL was directly verifiable — marked unknown.
    • SOC 2 report itself is gated behind an NDA request, so the report contents could not be independently inspected; the SOC 2 Type II claim is corroborated by the vendor blog (auditor Prescient Assurance) and current security docs.

    // At a glance

    Pricing model

    Freemium + subscription: Free $0, Pro $20/mo, Max $200/mo, Teams $80/mo + $40/full seat, Enterprise (custom).

    Self-hostable

    Not stated

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Windsurf (formerly Codeium), now operated by Cognition AI as Devin Desktop's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.windsurf.com

    > Browse all vendor trust reports