Intel® Threat Detection Technology
Intel® Threat Detection Technology (Intel® TDT) provides cyberattack monitoring and increased security performance at the hardware level. Endpoint security solutions can leverage Intel® TDT to help discover advanced attacks that evade most other detection methods.
Intel vPro® is the only business platform with built-in hardware security capable of detecting ransomware and software supply chain attacks.1
Combat Cryptojacking and Ransomware. Increase Performance.
The Intel® TDT AI software can profile malware as it attempts to execute on the CPU microarchitecture. This high-fidelity hardware alert is relayed to security software for fast remediation on the PC and for proactive protections across the fleet. The solution offloads compute-intensive security workloads such as accelerated memory scanning and AI from the CPU to the Intel integrated GPU for an improved user experience.
Intel® TDT Augments Traditional, Software-Based Security Solutions with Unique Capabilities:
Detect Threats Within VMs
Full-stack visibility to help uncover malicious code that is cloaked in a VM or in obfuscated binaries.
Find Malware in Memory
Enhance detection of fileless malware that runs hidden in memory.
Help Discover Zero-Day Attacks
Support real-time discovery of zero-day attacks, new variants, or intermittent encryption.
Learn About Intel® Threat Detection Technology
Read the Intel® TDT solution brief to learn more about how hardware-based threat detection helps defend against ransomware and other advanced threats.
Threat Detection Use Case: Microsoft Defender for Endpoint
Microsoft Defender for Endpoint delivers industry leading endpoint detection and response to protect against attacks including ransomware. The upcoming integration of Intel® TDT and Microsoft Defender for Endpoint adds another layer of protection by adding security signals sourced directly from the hardware.
Microsoft Defender for Endpoint vs Ransomware
Microsoft plans to enable Intel® TDT CPU enhanced ransomware detection capabilities on millions of endpoints.
Microsoft Defender for Endpoint vs Cryptojacking
Microsoft Defender for Endpoint leverages Intel® TDT AI-based security and Intel integrated GPU to help detect and remediate cryptojacking.
Protect Applications with Anomalous Behavior Detection
Intel® TDT anomalous behavior detection (ABD) monitors applications for early indicators of compromise. ABD leverages CPU execution control-flow tracking to build dynamic AI models of "good" application behavior.
ABD Helps to Root Out a Broad Range of Back-Door Cyberattacks Including:
- Sophisticated software supply chain attacks that can infect masses of PCs with compromised app updates.
- "Living off the land" attacks that are difficult for security solutions to distinguish from benign app behavior.
- Zero-day threats that do not have signatures or behavior profiles.
Benefits of Anomalous Behavior Detection
Research by Intel and Microsoft yields new insights into the unique capabilities of the ABD protections in Intel® TDT.
Enable Security Software for CPU Threat Detection
With Intel® TDT, security vendors can augment and enhance the behavioral detectors in their own security solutions with hardware-based sensors that profile malware as it executes on the CPU.
Intel® TDT leverages the Intel integrated GPU for security agent offload from the CPU. Offloaded processes may include AI, accelerated memory scanning, or any performance-intensive security workload.
Intel Offers Tools and Programs to Streamline Integration:
- Software development kit (SDK) and free software to help integrate Intel® TDT capabilities into endpoint agents.
- Support from Intel security engineers.
- Go-to-market marketing funds, channel co-sell programs, and Intel® Partner Alliance matchmaking.
Ready to Enhance Security Software Offerings with Intel® TDT?
Learn about the Intel® TDT ISV program for SDK tools and support to help you integrate CPU-based monitoring and protection into your solutions.
Cybersecurity and the Intel vPro® Platform
Intel® TDT is just one component of the Intel vPro® platform—a built-for-business platform that provides the integrated tools you need for endpoint security and manageability.
Intel® Hardware Shield
Today’s threats require in-depth defense. Find out how our platform helps defend each layer of your devices: hardware, BIOS/firmware, hypervisor, VMs, OS and application.
Advanced Threat Protections
Advanced threats, including ransomware, cryptomining, and memory attacks, require hardware-based endpoint defenses. Learn about the other hardware-level security features included in the Intel vPro® platform.
Enhanced Endpoint Security ROI
Modern, security-enhanced PC processors help keep your organization secure while lowering costs. Find out how.
Intel TDT Ecosystem
List of security software vendors who support Intel TDT as of the launch of Intel vPro® with 12th Gen Intel® Core™ processors (March 2022).
Product and Performance Information
All versions of the Intel vPro® platform require an eligible Intel processor, a supported operating system, Intel® LAN and/or WLAN silicon, firmware enhancements, and other hardware and software necessary to deliver the manageability use cases, security features, system performance, and stability that define the platform. See intel.com/performance-vpro for details.