Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Intel Adds TDX to Confidential Computing Portfolio With Launch of 4th Gen Xeon Processors

Intel announced on Tuesday that it has added Intel Trust Domain Extensions (TDX) to its confidential computing portfolio with the launch of its new 4th Gen Xeon enterprise processors.

Intel announced on Tuesday that it has added Intel Trust Domain Extensions (TDX) to its confidential computing portfolio with the launch of its new 4th Gen Xeon enterprise processors.

The chip giant has launched the 4th Gen Xeon scalable CPUs, codenamed Sapphire Rapids, alongside the Intel Xeon CPU Max series, codenamed Sapphire Rapids HBM, and the Data Center GPU Max series, codenamed Ponte Vecchio.

4th Gen Intel Xeon processorAccording to Intel, the new products bring increased performance in AI, analytics, networking, security, storage, and high performance computing (HPC).

In terms of security, Intel puts the spotlight on confidential computing, with the company’s portfolio being expanded to include Intel TDX, which isolates data and code in use at the virtual machine level using hardware-isolated trust domains.

TDX allows users to deploy existing applications into a confidential environment for increased privacy and compliance. The feature will be available through cloud providers such as Microsoft, Google, IBM and Alibaba, in many cases through a simple setting in a cloud configurator.

Intel says TDX gives users confidentiality from the cloud provider and other cloud tenants, while helping them ensure compliance with data privacy and governance regulations.

TDX builds on Intel’s Software Guard Extensions (SGX) technology, but it’s not a replacement — Intel has described it as a feature that brings additional choice for confidential computing.

With the launch of the fourth generation Xeon, Intel has increased the standard SGX enclave size for most SKUs.

Intel also announced that its Control-Flow Enforcement Technology (CET) will be available in the new Xeon processors. The technology, previously available in client processors, leverages hardware to help prevent malicious code execution, including call, return and jump-oriented programming (COP, ROP and JOP) attacks.

In addition, the company expects to launch Project Amber for remote verification of trustworthiness in mid-2023. The multi-cloud trust verification service can be used for SGX, TDX, devices, and roots of trust.

Related: Intel Confirms UEFI Source Code Leak as Security Experts Raise Concerns

Related: Intel Patches Severe Vulnerabilities in Firmware, Management Software

Related: Intel Unveils vPro Security Enhancements for 12th Gen Core Processors

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.