March 13, 2023
Confidential Computing
Shifting software to the cloud has historically been a slower, more uneven process in highly regulated industries, like healthcare and finance, than in less regulated industries, like ecommerce and entertainment. As companies collect more and more sensitive data about their users, they must spend more time creating new, hardened barriers between their cloud and private computing workloads, while filling in the gaps with tools like synthetic data or data masking.
Modern encryption protects some confidential data, allowing companies to encrypt data while at rest and in transit. At runtime, however, data is often unencrypted for analysis or processing, opening the door to data breaches and noncompliance.
Confidential computing closes this runtime security gap by running workloads in environments that are shielded entirely from the rest of the system, while allowing these environments to prove their authenticity with a cryptographic certificate.
Confidential computing is all about running workloads in hardware-enforced secure execution environments. We refer to them as confidential computing environments (CCEs).
One can load arbitrary programs into CCEs. The hardware ensures that all data (and code) of the CCE remain encrypted at runtime. This feature is what most people associate with confidential computing.
Apart from that, confidential computing has one additional defining feature: remote attestation. Remote attestation allows anyone to establish trust in a CCE and bootstrap a secure channel to it. So, confidential computing is about keeping data encrypted during processing and making this verifiable remotely. The verification/remote attestation feature is important, because without such a mechanism, a malicious actor could just claim to be running a CCE and then access data once it is sent over.
Confidential Computing, Edgeless Systems
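The remote attestation check described in the quote above, sketched as an added example that is not code from Edgeless Systems or any vendor SDK. It is a simplified model: an HMAC with a constructed key stands in for the hardware vendor's asymmetric signature chain, and every name and value is an assumption made for illustration.

```python
import hashlib, hmac, json, secrets

# Constructed values: a stand-in for the hardware vendor's signing key and the
# hash ("measurement") of the program the verifier expects inside the CCE.
HW_KEY = b"constructed-hardware-root-key"
EXPECTED_MEASUREMENT = hashlib.sha256(b"trusted-workload-v1").hexdigest()

def _sign(body: bytes, key: bytes) -> str:
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def cce_quote(program: bytes, nonce: str, channel_pubkey: bytes, key: bytes = HW_KEY) -> dict:
    """What the hardware would emit: a signed statement of what is loaded."""
    report = {
        "measurement": hashlib.sha256(program).hexdigest(),
        "nonce": nonce,
        "channel_key_hash": hashlib.sha256(channel_pubkey).hexdigest(),
    }
    body = json.dumps(report, sort_keys=True).encode()
    return {"report": report, "signature": _sign(body, key)}

def verify_quote(quote: dict, nonce: str, channel_pubkey: bytes) -> str:
    """Verifier side: return 'ok' or the reason trust was refused."""
    report = quote["report"]
    body = json.dumps(report, sort_keys=True).encode()
    if not hmac.compare_digest(_sign(body, HW_KEY), quote["signature"]):
        return "bad signature"           # not produced by genuine hardware
    if report["nonce"] != nonce:
        return "stale nonce"             # an old quote is being replayed
    if report["measurement"] != EXPECTED_MEASUREMENT:
        return "unexpected measurement"  # different code is running
    if report["channel_key_hash"] != hashlib.sha256(channel_pubkey).hexdigest():
        return "channel key mismatch"    # the channel does not end in the CCE
    return "ok"

def demo() -> dict:
    nonce, pub = secrets.token_hex(16), b"constructed-channel-public-key"
    good = cce_quote(b"trusted-workload-v1", nonce, pub)
    unsigned = cce_quote(b"trusted-workload-v1", nonce, pub, b"not-the-hardware-key")
    return {
        "genuine": verify_quote(good, nonce, pub),
        "claims_to_be_cce": verify_quote(unsigned, nonce, pub),
        "modified_code": verify_quote(cce_quote(b"tampered-workload", nonce, pub), nonce, pub),
        "replayed": verify_quote(good, secrets.token_hex(16), pub),
        "rerouted_channel": verify_quote(good, nonce, b"other-public-key"),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

Data should be sent only after the verdict is "ok"; binding the channel key into the signed report is what lets the verifier bootstrap a secure channel that terminates inside the attested environment.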
Funding
Inigo, a platform for GraphQL API management, analytics, and security, raised $4.5m in Seed funding.
Edgeless Systems, a confidential computing company that enables encrypted data at rest, in transit, and in use, raised $5.3m in Seed funding.
Monnai, an API connecting disparate data sources to help fintech companies navigate regulatory requirements and avoid fraud, raised $6.5m in Series A funding.
Cubist, a security-focused web3 developer tools company, raised $7m in Seed funding.
Speedscale, a tool for replicating world-traffic when testing APIs, raised $9m in funding.
pgEdge, a fully distributed edge database based on standard Postgres, raised $9m in Seed funding.
Zenhub, a project management tool for engineering teams, raised $10m in Series A funding.
Vantage, a tool for understanding cloud costs and automating savings, raised $21m in Series A funding.