{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Embracing Digital Transformation","title":"#174 Zero Trust Application with Confidential Computing ","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/a2bed64b\"></iframe>","width":"100%","height":180,"duration":1889,"description":"In this episode Darren interviews Patrick Conte from Fortanix about leveraging confidential computing in securiting applications in zero trust architectures. The Evolution of Confidential Computing  Confidential computing allows encrypting data not just at rest and in transit, but also while it is actively in use. This protects against attacks even if an attacker gains root access, since memory dumps will just show useless encrypted data. Intel's Software Guard Extensions (SGX) technology provides a hardware-based foundation for confidential computing. Fortanix builds on top of SGX and related Intel advancements to make confidential computing accessible and easy to use.  A core Fortanix offering is their Data Security Manager platform. This replaces purpose-built hardware encryption solutions with software encryption powered by SGX enclaves. Data Security Manager enables advanced crypto functions like global key management for millions of encryption keys all from a unified console. It can also handle database encryption, certificate management, and other critical data protection needs. This software-defined approach represents the future of data security.   Enabling True Zero Trust Applications  Confidential computing has implications beyond just data security. It also allows attaching security profiles directly to applications themselves, so the security travels with the application regardless of where it runs. Fortanix analyzes applications to assess if they can run seamlessly in SGX enclaves. If modifications are needed, they provide guidance on rewriting portions in enclave-friendly languages like Python.  Fortanix's Confidential Computing Manager solution orchestrates encrypted applications across different environments like on-prem, private cloud, and public cloud. This orchestration engine achieved zero trust not just for sensitive data, but also for mission-critical applications. Workloads can be dynamically shifted to different SGX-enabled environments...","thumbnail_url":"https://img.transistorcdn.com/IRrW2aizIeoZDn3gKLEax-JYQ8V_WzaFpHdgsslDx3k/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9jM2Ji/MDk1OTdiYzA4ZWMw/NWNlOTY0N2RhMWQ3/YmY5Mi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}