Best platforms for untrusted code execution in 2026
Blog post from Northflank
In 2026, selecting the right platform for untrusted code execution is crucial due to the potential security risks associated with running AI-generated code, user-submitted scripts, or runtime-generated code from language models. Key considerations include the isolation model, with microVMs like Firecracker and Kata Containers being preferred for their ability to provide each workload its own dedicated kernel, thereby enhancing security. Northflank, E2B, Modal, and Fly.io Sprites are highlighted platforms, each offering varying degrees of isolation and infrastructure capabilities. Northflank stands out for its flexibility and comprehensive stack, E2B is tailored for AI agent execution with Firecracker isolation, Modal provides gVisor isolation with significant scalability, and Fly.io Sprites offers persistent Firecracker microVMs. Effective isolation helps contain potential security incidents, and the choice of platform must align with specific threat models and infrastructure requirements, with microVM isolation being a recommended default for genuinely untrusted code.
| Trend | Post Mentions | Total Month Mentions | Posts | Companies | MoM |
|---|---|---|---|---|---|
| AI Agents | 5 | 4,545 | 963 | 231 | +27% |
| LLM | 2 | 6,078 | 960 | 218 | +18% |
| AI Coding Assistant | 1 | 1,255 | 319 | 126 | +24% |
| Observability | 1 | 3,204 | 716 | 172 | +14% |
| Secrets Management | 1 | 1,488 | 268 | 99 | +7% |