Trust no 1 (or 0): Intel Trust Authority

Seamless integration of technology into our lives is allowing us to do more than ever, but at the same time, it is creating an attack surface and vectors at a scale we have never seen before.

As 英特尔 works to bring AI everywhere, we recognize that threats to data security, privacy, and even biometrics are a genuine concern. AI will only be truly ethical and responsible when it is accessible to all.? Intel is building platforms and technologies for customers to confidently secure diverse AI workloads across the data center, cloud, PC, and edge. And partnering with the ecosystem, we continue to deliver innovative ecosystem tools and solutions that will make AI safer and more secure and address privacy as it scales exponentially.

That’s why Intel has built capabilities to improve the security of our best-in-class products in the industry.

Today, as part of his Innovation keynote, Intel CTO Greg Lavender , announced a new portfolio of security services called Intel Trust Authority . This includes the general availability of our attestation service, the first service offered within the Intel Trust Authority portfolio.

As confidential computing becomes increasingly pervasive with our customers, Intel is ready with a diverse range of options with our Intel? Software Guard Extensions?(Intel? SGX) and Intel? Trust Domain Extensions (Intel? TDX) technologies that allow applications and virtual machines to be secured regardless of where the deployment happens.?With Intel Trust Authority, we complement the silicon services with capabilities that will enhance our customer security posture.

• Unified, independent verification of trusted execution environment (TEE) integrity and custom policy adherence.
• ISO 27001:2022 certification. The confidential computing attestation service is committed to delivering best practices in security controls, information technology, and cybersecurity to our clients and their customers.
• Cross-cloud and multi-cloud services can be used wherever Intel-based confidential computing environments are deployed, including public, hybrid, private, and edge computing clouds.
• Embodies Zero Trust principles by separating the assessment of the infrastructure’s trustworthiness from the provider of infrastructure and maintains independent tamper-resistant audit logs to help with compliance.

I’m excited about the capabilities we’re delivering – technology that will allow you to create tomorrow’s solutions, expand what’s possible, and accelerate the speed at which you can solve problems and gather insights.

Product security isn’t just a nice to have. It’s the difference between a data breach that shuts down a company or the updates that prevent a significant exploit from occurring. A recent report by IRONSCALES states that over 74% of respondents have already experienced an increase in the use of AI by cybercriminals within the past year.

You have more technology than ever to manage – supporting remote workforces, numerous devices, and uninterrupted access and collaboration. Technology solutions, therefore, need to secure data not only at rest and in transit but also in use – protecting valuable assets and minimizing attack surfaces, both in and out of our control. Whether it’s protecting customer data, company IP, or privacy and regulatory concerns, we fully understand that security is top of mind.

We’ve spent years developing a seasoned team for incident response that processes the vulnerabilities through triage and then develops mitigations that either harden the product before release or deliver updates to make the products more resilient throughout the product's life. However, before we deliver any of these products to you, we apply rigorous testing and offensive research, scouring code and physical attack vectors for potential security vulnerabilities. And we don’t stop with our assessment. We work with the best in the business – whether that’s a top university or major technology vendor.

My challenge to you:

• Find a silicon vendor who takes as many steps and invests as much as we do to deliver more secure and resilient products to developers and customers.
• To all in the industry – evolve your product assurance practices, incident response, and mitigation to better protect customers’ data and privacy.

I’m so confident in how we look for potential vulnerabilities and the critical response to any identified that I would put the power of our product security assurance up against our direct competitors.