Changelog

Secure Viewer (Beta): Controlled disclosure without shipping files to the browser

New

Secure Viewer is now available in beta through controlled availability programs.

Instead of sending document bytes to the browser for local rendering, Stellarbridge now renders approved documents server-side in a short-lived isolated runtime and streams pixels to the dashboard.

Why this matters

  • Keeps the default preview path out of the browser’s local file/cache flow
  • Enforces access with RBAC + Drive policy before a session starts
  • Binds view sessions to user and organization context
  • Uses ephemeral, session-scoped renderer environments with teardown on close
  • Adds audit events for secure-view opens and rate-limited attempts

Important boundaries

Secure Viewer reduces a common exposure path, but it does not eliminate all disclosure risk (for example, screenshots/recording and insider misuse are still possible).

Availability

  • Status: Beta
  • Rollout: Controlled availability by tenant
  • Limits: Supported formats and configured object/session limits apply

Read the full announcement: Secure Viewer: Controlled Disclosure Without Shipping Files to the Browser.