announced two new technologies—Threat Detection Technology (TDT) and Security Essentials—that not only offer hardware-based built-in security features across Intel processors but also improve threat detection without compromising system performance. Intel's Threat Detection Technology (TDT) offers a new set of features that leverage hardware-level telemetry to help security products detect new classes of threats and exploits. It includes two main capabilities—Accelerated Memory Scanning and Advanced Platform Telemetry. Accelerated Memory Scanning allows antivirus programs to use Intel's integrated GPU to scan and detect memory-based malware attacks while reducing the impact on performance and power consumption.
The other TDT feature is Intel Advanced Platform Telemetry that incorporates cloud-based machine learning and endpoint data collection to better identify potential security threats, "while reducing false positives and minimizing performance impact." Intel's new Thread Detection Technology solution will be available for computers with 6th, 7th, and 8th generation Intel processors, though it's up to third-party antivirus vendors to actually utilize the feature. Microsoft and Cisco are the first ones to make use of Intel's Threat Detection Technology (TDT), with the Intel TDT coming to Windows Defender Advanced Protection Threat (ATP) this month.
"Current scanning technologies can detect system memory-based cyber-attacks, but at the cost of CPU performance," says Rick Echevarria, Intel security division Vice President.According to Intel, early tests using the new GPU-accelerated scanning technique suggest that CPU utilization for malware threat scans "dropped from 20 percent to as little as 2 percent"—that's obviously a massive increase in efficiency.
"With Accelerated Memory Scanning, the scanning is handled by Intel's integrated graphics processor, enabling more scanning, while reducing the impact on performance and power consumption."
- Hardware Root of Trust—Cryptographic keys protected by hardware
- Small Trusted Computing Base—Protecting keys, IDs, and data using hardware trusted platform module (TPM)
- Defence in Depth—Hardware and software protection
- Compartmentalization—Hardware-enforced barriers between software components
- Direct Anonymous Authentication—Cryptographic schemes to offer anonymous authentication of a device for privacy (especially for IoT devices)
- HW Security escalation—Enabling hardware acceleration of cryptographic calculation, antivirus scanning, and key generation
The announcement comes after serious security vulnerabilities—Meltdown and Spectre—badly hit Intel CPUs and chips from other companies earlier this year, and the security patches rolled out by the companies increased load for the CPU, affecting device performance.