As anyone in the tech industry will tell you, cybersecurity is a constantly moving target. The landscape has changed drastically in the last several years, with the advent of IoT leading to an entirely new host of threats. Ransomware and DoS (Denial of Service) attacks are on the rise, and cybercriminals are becoming more and more sophisticated in their methodology, embracing the same encryption that was originally meant to lock them out. Intel has been at the forefront of security through its leadership on Spectre and Meltdown (and evidenced by CEO Brian Krzanich’s Security First Pledge to customers earlier this year). This considering, it comes as no surprise that the company had a lot to say at this year’s RSA security conference. Here’s my breakdown of Intel’s security announcements.
New Threat Detection Technology
GPU Accelerated Memory Scanning
Intel took the opportunity at the RSA 2018 conference to announce the first two capabilities of its new Threat Detection Technology (TDT). Accelerated Memory Scanning is designed to detect memory-based cyberattacks, without sucking up all the CPU performance and power that current scanning technologies require. By relying on Intel’s integrated graphics processor, Intel says this capability reduces the impact on CPU power consumption and performance and allows for more scanning. Also announced at the event was that Accelerated Memory Scanning will soon be integrated into Microsoft’s Advanced Threat Protection (ATP) capability (read my coverage of Microsoft’s other RSA security announcements here). It’s great to see Intel and Microsoft leveraging the GPU in novel ways. It may have taken too long, but I’m glad it’s here now. I also see this as yet another example of Intel and Microsoft embracing more heterogeneous computing, a very good sign. I’m very interested to see how other higher performance graphics solutions would perform.
Advanced Platform Telemetry
The second capability announced was Advanced Platform Telemetry. Telemetry is basically the notion of having more data points to detect threats. Simply speaking, the more data points you have and the better the ability to sort through that data quickly, the more quickly and effectively one can protect their enterprise. Think of it as big data for security using machine learning. Intel says that its Advanced Platform Telemetry will do all this, while simultaneously cutting down on false positives and minimizing the impact on CPU performance. On the server side of the house, Intel has partnered with another security leader, Cisco, to integrate this new feature into its Tetration solution. With Cisco having a tremendous edge presence in networking and respectable compute and data presence in UCS and Tetration, I’m very interested to see some of the fruits of these labors. There aren’t a lot of details available, but given just how committed both Intel and Cisco Systems are to security, this could be very good.
Intel Security Essentials: Root of Trust
The last big announcement from Intel at the event was the launch of Intel Security Essentials, a standard set of root-of-trust hardware security capabilities that will be implemented across Intel Core (server), Xeon (PC), and Atom (edge) processors. Root of trust is a hardware-based authentication to make sure authorized code is run, whether it be firmware, operating system or application. Intel says this set of capabilities will accelerate industry-wide trusted computing, by inspiring customers to build solutions around them. In addition to bolstering platform integrity, Intel says that by integrating these capabilities directly into Intel silicon it will lower costs and reduce the impact of security on performance.
Standardizing hardware-based security across Xeon, Core, and Atom could also be a good incentive to go “all-Intel” as it could make trusted execution, key store and execution, and cryptography easier for ISVs, IHVs, and OEMs. With that in mind, I think this is a smart move on Intel’s part.
These all look to be innovative, smart solutions that are in keeping with the spirit of Intel’s Security First Pledge. As I said earlier, I’m glad to see Intel leveraging the GPU in new, novel ways (the new Accelerated Memory Scanning capability, for example), and encouraged by the fact that the company already has two big profile implementations for its new, advanced TDT capabilities—Microsoft with its integration of Accelerated Memory Scanning into ADT, and Cisco Systems utilizing Advanced Platform Telemetry in its Tetration solution. I’ve long maintained that enterprise security must start at the hardware level, so I’m glad to see Intel shoring up its silicon with the new Security Essentials. Nice work, Intel—I look forward to seeing how these technologies function in the wild.