Skip To Main Content
Intel logo - Return to the home page
My Tools

Select Your Language

  • Bahasa Indonesia
  • Deutsch
  • English
  • Español
  • Français
  • Português
  • Tiếng Việt
  • ไทย
  • 한국어
  • 日本語
  • 简体中文
  • 繁體中文
Sign In to access restricted content

Using Intel.com Search

You can easily search the entire Intel.com site in several ways.

  • Brand Name: Core i9
  • Document Number: 123456
  • Code Name: Emerald Rapids
  • Special Operators: “Ice Lake”, Ice AND Lake, Ice OR Lake, Ice*

Quick Links

You can also try the quick links below to see results for most popular searches.

  • Product Information
  • Support
  • Drivers & Software

Recent Searches

Sign In to access restricted content

Advanced Search

Only search in

Sign in to access restricted content.
  1. Intel® Threat Detection Technology (Intel® TDT)

The browser version you are using is not recommended for this site.
Please consider upgrading to the latest version of your browser by clicking one of the following links.

  • Safari
  • Chrome
  • Edge
  • Firefox

Intel® Threat Detection Technology (Intel® TDT)

Intel® Threat Detection Technology (Intel® TDT) augments endpoint security software with AI that leverages Intel CPU telemetry to uncover cyberattacks that evade traditional detection methods. The solution ensures a performant user experience by offloading AI and memory scanning from the CPU to the integrated GPU.

Strengthen Your Endpoint Security Solutions

Preparing for Real-World Attacks

Cyberattacks continue to evolve novel techniques to hide from security software deployed on endpoint PC fleets. Traditional software-only approaches are failing to stop attacks. Ransomware attacks are up to a record $ 1 billion in payouts in 20231, 75% of attacks use stealthy file-less attack methods, and the breakout time to move across a PC fleet is down to only 62 minutes.2

Using Hardware to Defend Software

Intel Threat Detection Technology has a unique approach to security that is able to fingerprint malware as it attempts to execute on the CPU microarchitecture. This method is immune to traditional malware cloaking or obfuscation techniques and adds a new lens that helps increase the efficacy and performance of security software.

Part of a Validated Security Ecosystem

Cyberattacks continue to evolve novel techniques to hide from security software deployed on endpoint PC fleets. Traditional software-only approaches are failing to stop attacks. Ransomware attacks are up to a record $1 billion in payouts in 20231, 75% of attacks use stealthy file-less attack methods, and the breakout time to move across a PC fleet is down to only 62 minutes.3 Intel is the only silicon provider offering hardware security validated against the MITRE ATT&CK framework, with Intel TDT and other Intel vPro® protections against 150 real-world attacks.4 By choosing these PCs with Intel TDT and utilizing the leading enterprise security solutions, IT and Sec Ops can better protect their fleets from ransomware, cryptojacking, file-less attacks to memory, and software supply chain attacks that attempt to infect valid software applications.

Intel vPro is the only business platform with built-in hardware security capable of detecting ransomware and software supply chain attacks.5 6


Learn more about Hardware-Enabled Defense Project

Threat Detection Capabilities

Help Detect Advanced Threats with Powerful AI Tuned for Your PC

Intel TDT uses CPU telemetry and Machine Learning (ML) algorithms to profile and detect malware, such as ransomware and cryptojacking, improving monitoring and security performance at the hardware level. In a recent study, Intel TDT detected 93 percent of top ransomware variants from the silicon sensor, bolstering the EDR’s overall detection efficacy by 24% over software alone.7

Accelerate Security Software Out of the Box

Intel TDT has been pre-integrated by leading security ISVs to accelerate security workloads on PCs powered by Intel® Core™ Ultra processors. Both the CPU and GPU deliver AI accelerators to ensure a performant user experience while increasing endpoint threat protection capabilities.8

Enhance Detection of Fileless Malware

By offloading advanced memory scanning (AMS) workloads from the CPU to the integrated GPU, Intel TDT enables software-based security solutions to scan, deeper, and more frequently. This helps software solutions uncover file-less attacks sooner before they can execute attack payloads while ensuring minimal impact on the user experience.

Help Discover Zero-Day Attacks

CPU behavior monitoring supports real-time discovery of zero-day attacks and new variants without stopping to develop signature-based detection methods.

Show more Show less

Take Advantage of Industry-Leading Threat Detection Using Intel TDT

We work with leading security software vendors to pre-integrate Intel TDT so IT teams can quickly activate hardware-based security capabilities on Intel vPro-based devices. Explore how Intel TDT helps endpoint security solutions deliver improved security performance and better user experiences.

  • CrowdStrike Falcon
  • Trend Micro Security Solutions
  • Microsoft Defender for Endpoint
  • ESET Endpoint Security
  • Bufferzone NoCloud™ AI Anti-Phishing Solution

CrowdStrike Falcon

CrowdStrike Falcon Insight integrates Intel TDT to boost memory scanning by up to 7x, delivering faster detection of fileless attacks.9 CrowdStrike’s hardware-enhanced exploit detection (HEED) capabilities take advantage of Intel TDT CPU telemetry to discover suspicious control flows. Capabilities can be enhanced for below-the-OS security when combined with Dell Trusted Device software on Intel vPro-based PCs.

Learn about the CrowdStrike Falcon solution with Intel

Learn more about the CrowdStrike partnership with Intel

Trend Micro Security Solutions

Trend Micro integrates Intel® Threat Detection Technology (Intel® TDT) into Trend Vision One™ and Worry-Free Services Suites, delivering next-generation threat detection powered by hardware-level telemetry and AI-enhanced protection.

Read the Intel TDT + Trend Micro solution brief

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint utilizes Intel Threat Detection Technology for accelerated memory scanning, Cryptojacking detection, and for its CPU assisted Ransomware detection. These capabilities are agentless and integrated directly into Windows for use across the Defender suite of security solutions. These deliver accelerated security processing and better threat detection for PCs built on Intel vPro.

Watch a demo of the Microsoft Defender for Endpoint solution with Intel

ESET Endpoint Security

ESET leverages Intel TDT to deliver a multilayered solution to protect small and midsized businesses (SMBs) against advanced attacks like ransomware.

Learn about the ESET solution with Intel

Learn how Intel and ESET SMB solutions help keep you safe against cyberattacks (eBook)

Bufferzone NoCloud™ AI Anti-Phishing Solution

The Bufferzone NoCloud Anti-Phishing solution is optimized on Intel Core Ultra processors, using the NPU to improve efficiency.

Learn about the Bufferzone solution with Intel

See a demo from CES 2024

Bring Intel TDT Capabilities to Your Endpoint Security Solution

We can help you enable Intel TDT capabilities for your endpoint solution. We offer software development kits (SDK), free software, enablement guidance, and go-to-market resources to make integration easy.

Intel vPro Helps Make It Easy to Deploy a Comprehensive Security Approach

Intel TDT is just one security component included with the Intel vPro® suite of technologies. Explore how Intel vPro can help easily support threat detection best practices across your PC fleet.

Intel vPro® Security

See all the technologies and features that help defend each layer of your devices, including hardware, BIOS/firmware, hypervisor, VMs, OS, and applications.

Better Control Leads to Better Security

Take a proactive approach to security with Intel vPro® Manageability, which allows IT to keep endpoints patched and updated—no matter how dispersed the fleet is10—while also providing disaster recovery options to get your business back up and running in hours instead of days.

Browse More Resources

Security Starts with Intel (eBook)

Windows 11 Security Starts with Intel Hardware (eBook)

Discover how financial analysts are using AI PCs securely (webinar)

Product and Performance Information

1

Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline

2

2024 CrowdStrike Global Threat Report

3

Internet connection speed varies depending on your Internet Service Provider, modem type, time of day, browser version, operating system, traffic, and intersecting signals. Results are not a guarantee of true connection speed.

4

As of January 2025, based on MITRE data report and blog https://community.intel.com/t5/Blogs/Tech-Innovation/Artificial-Intelligence-AI/Intel-AI-PCs-Deliver-an-Industry-Validated-Defense-vs-Real-World/post/1650954. See www.intel.com/performance-vpro for details. Results may vary.

5

All versions of the Intel vPro® platform require an eligible Intel® processor, a supported operating system, Intel® LAN and/or WLAN silicon, firmware enhancements, and other hardware and software necessary to deliver the manageability use cases, security features, system performance, and stability that define the platform. See intel.com/performance-vpro for details.

6

As of March 2023, Intel has the first and only hardware-based threat detection of its kind that works to augment security software for high-efficacy detection of the latest ransomware, cryptojacking, supply chain style attacks and even zero-day attacks in Windows-based systems. Based on SE Labs – Enterprise Advanced Security (Ransomware) – Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which compared ransomware detection capabilities of an Intel vPro system powered by Intel Core processor against systems powered by AMD Ryzen Pro processors on Windows OS. SE Labs tested Intel’s hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7, AMD Ryzen Pro 5675U, AMD Ryzen Pro 5875U, AMD Ryzen Pro 6650U, and AMD Ryzen Pro 6850U. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure. Other names and brands may be claimed as the property of others.

7

“SE Labs Intelligence-Led Testing: Enterprise Advanced Security (Ransomware),” SE Labs, February 2023.

8

Available on devices with Intel® Core™ Ultra processors.

9

Source CrowdStrike AMS Blog-March 2022.

10

Remote management requires a network connection; must be a known network for Wi-Fi out-of-band management. See www.intel.com/Performance-vPro for details. Results may vary.

  • Threat Detection Capabilities
  • Enabled Ecosystem
  • Get Started
  • Resources
  • Company Overview
  • Contact Intel
  • Newsroom
  • Investors
  • Careers
  • Corporate Responsibility
  • Inclusion
  • Public Policy
  • © Intel Corporation
  • Terms of Use
  • *Trademarks
  • Cookies
  • Privacy
  • Supply Chain Transparency
  • Site Map
  • Recycling
  • Your Privacy Choices California Consumer Privacy Act (CCPA) Opt-Out Icon
  • Notice at Collection

Intel technologies may require enabled hardware, software or service activation. // No product or component can be absolutely secure. // Your costs and results may vary. // Performance varies by use, configuration, and other factors. Learn more at intel.com/performanceindex. // See our complete legal Notices and Disclaimers. // Intel is committed to respecting human rights and avoiding causing or contributing to adverse impacts on human rights. See Intel’s Global Human Rights Principles. Intel’s products and software are intended only to be used in applications that do not cause or contribute to adverse impacts on human rights.

Intel Footer Logo