Edgeless Systems secure the cloud's workloads by releasing the first runtime encrypted Kubernetes, able to run on a multitude of cloud providers.
Edgeless Systems is a pioneer in the world of Confidential Computing. Last year in "EdgelessDB - Taking Database Security To The Next Level", I covered its security-oriented database which is 100% compatible with MySQL and enhanced with confidential computing capabilities based on secure enclaves on Intel SGX chips. There was a lot of terminology to assimilate in that article and as a refresher:
An enclave in simple terms, is a hardware sandbox that provides runtime protection of the data it encloses. EdgelessDB uses it in order to execute trusted and secure code on untrusted environments such as cloud platforms and already there's an integration of EdgelessDB on the Azure platform. An enclave itself is, in fact, just an instruction in the CPU architecture provided by modern CPUs.
Confidential computing is a concept that takes this one step further. It's an umbrella term that encapsulates protecting data at rest, data in use and data in transit, including preventing unauthorized access and tampering at runtime. Also it offers verifiability, in that the user can be certain that he talks to the appropriate back end and is not being misled as well as ensuring that the backend is running the code it is supposed to run.
full article on i-programmer: