Venafi Adaptable Driver for Intel SGX
Updated May 17, 2021

Intel® Software Guard Extensions (Intel® SGX) has joined forces with Venafi Trust Protection Platform to offer customers an innovative solution that secures private keys using secure enclave-based technology. This cutting-edge, unique integration delivers immediate benefits for every deployment scenario (on premises, cloud and edge), significantly reducing hardware cost and overhead while dramatically improving security.
Business Outcomes
  • Minimize the risk of machine identity compromise while the private key is in use in memory

  • Increase the protection of machine identities in use in untrusted environments 

  • Achieve your desired level of security with built-in hardware security  

  • Reduce the cost of operating and maintaining dedicated security hardware 

Integration Features
  • Transparent added security with no disruption to app teams  

  • Secure key generation and use in memory 

Solution Overview

One important challenge for many organizations has been to secure the private key that is used to prove the authenticity of the server identified by a certificate. Often, these private keys are protected in a sub-optimal manner that incurs prohibitively expensive overhead or undesirably high risk. 

Digital data exists in three states: at rest, in transit (in motion), and in use. Securing a piece of data therefore means securing it in all three states. Widespread encryption practice and mature encryption technologies keep sensitive data secure at rest. The encrypted web, with the PKI and TLS implementations it relies on, provides high-level assurance of the security of data in transit. To this day, however, protection of data while it is in use in memory remains at a bare minimum. The risk of sensitive data being attacked while in use in memory is growing as enterprise workloads and data move into public and hybrid clouds, where shared access to the underlying hardware is common.

To address this challenge, Intel® joined forces with Venafi, combining Software Guard Extensions (Intel® SGX) with machine identity management to offer an innovative and unique solution that secures private keys in RAM, bringing hardware cost and overhead down while elevating security to a new level. Venafi's market-leading machine identity management technology, combined with Intel's hardware-based trusted execution environment technology (Intel SGX), delivers the next level of defense that significantly lowers the risk to machine identities used in any network environment. Venafi customers can leverage the integration with an easy download of the Adaptable Driver to their Intel SGX-enabled server.

Want to try it for free?  Learn about the Intel and Venafi Early Bird Access Program.