Intel® Threat Detection Technology (Intel® TDT)
Intel® Threat Detection Technology (Intel® TDT) augments endpoint security software with AI that leverages Intel CPU telemetry to uncover cyberattacks that evade traditional detection methods. The solution ensures a performant user experience by offloading AI and memory scanning from the CPU to the integrated GPU.
Strengthen Your Endpoint Security Solutions
Preparing for Real-World Attacks
Cyberattacks continue to evolve novel techniques to hide from security software deployed on endpoint PC fleets. Traditional software-only approaches are failing to stop attacks. Ransomware attacks are up to a record $ 1 billion in payouts in 20231, 75% of attacks use stealthy file-less attack methods, and the breakout time to move across a PC fleet is down to only 62 minutes.2
Using Hardware to Defend Software
Intel Threat Detection Technology has a unique approach to security that is able to fingerprint malware as it attempts to execute on the CPU microarchitecture. This method is immune to traditional malware cloaking or obfuscation techniques and adds a new lens that helps increase the efficacy and performance of security software.
Part of a Validated Security Ecosystem
Cyberattacks continue to evolve novel techniques to hide from security software deployed on endpoint PC fleets. Traditional software-only approaches are failing to stop attacks. Ransomware attacks are up to a record $1 billion in payouts in 20231, 75% of attacks use stealthy file-less attack methods, and the breakout time to move across a PC fleet is down to only 62 minutes.3 Intel is the only silicon provider offering hardware security validated against the MITRE ATT&CK framework, with Intel TDT and other Intel vPro® protections against 150 real-world attacks.4 By choosing these PCs with Intel TDT and utilizing the leading enterprise security solutions, IT and Sec Ops can better protect their fleets from ransomware, cryptojacking, file-less attacks to memory, and software supply chain attacks that attempt to infect valid software applications.
Intel vPro is the only business platform with built-in hardware security capable of detecting ransomware and software supply chain attacks.5 6
Threat Detection Capabilities
Help Detect Advanced Threats with Powerful AI Tuned for Your PC
Intel TDT uses CPU telemetry and Machine Learning (ML) algorithms to profile and detect malware, such as ransomware and cryptojacking, improving monitoring and security performance at the hardware level. In a recent study, Intel TDT detected 93 percent of top ransomware variants from the silicon sensor, bolstering the EDR’s overall detection efficacy by 24% over software alone.7
Accelerate Security Software Out of the Box
Intel TDT has been pre-integrated by leading security ISVs to accelerate security workloads on PCs powered by Intel® Core™ Ultra processors. Both the CPU and GPU deliver AI accelerators to ensure a performant user experience while increasing endpoint threat protection capabilities.8
Enhance Detection of Fileless Malware
By offloading advanced memory scanning (AMS) workloads from the CPU to the integrated GPU, Intel TDT enables software-based security solutions to scan, deeper, and more frequently. This helps software solutions uncover file-less attacks sooner before they can execute attack payloads while ensuring minimal impact on the user experience.
Help Discover Zero-Day Attacks
CPU behavior monitoring supports real-time discovery of zero-day attacks and new variants without stopping to develop signature-based detection methods.
Take Advantage of Industry-Leading Threat Detection Using Intel TDT
We work with leading security software vendors to pre-integrate Intel TDT so IT teams can quickly activate hardware-based security capabilities on Intel vPro-based devices. Explore how Intel TDT helps endpoint security solutions deliver improved security performance and better user experiences.
CrowdStrike Falcon
CrowdStrike Falcon Insight integrates Intel TDT to boost memory scanning by up to 7x, delivering faster detection of fileless attacks.9 CrowdStrike’s hardware-enhanced exploit detection (HEED) capabilities take advantage of Intel TDT CPU telemetry to discover suspicious control flows. Capabilities can be enhanced for below-the-OS security when combined with Dell Trusted Device software on Intel vPro-based PCs.
Trend Micro Security Solutions
Trend Micro integrates Intel® Threat Detection Technology (Intel® TDT) into Trend Vision One™ and Worry-Free Services Suites, delivering next-generation threat detection powered by hardware-level telemetry and AI-enhanced protection.
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint utilizes Intel Threat Detection Technology for accelerated memory scanning, Cryptojacking detection, and for its CPU assisted Ransomware detection. These capabilities are agentless and integrated directly into Windows for use across the Defender suite of security solutions. These deliver accelerated security processing and better threat detection for PCs built on Intel vPro.
Watch a demo of the Microsoft Defender for Endpoint solution with Intel
ESET Endpoint Security
ESET leverages Intel TDT to deliver a multilayered solution to protect small and midsized businesses (SMBs) against advanced attacks like ransomware.
Learn about the ESET solution with Intel
Learn how Intel and ESET SMB solutions help keep you safe against cyberattacks (eBook)
Bufferzone NoCloud™ AI Anti-Phishing Solution
The Bufferzone NoCloud Anti-Phishing solution is optimized on Intel Core Ultra processors, using the NPU to improve efficiency.
Bring Intel TDT Capabilities to Your Endpoint Security Solution
We can help you enable Intel TDT capabilities for your endpoint solution. We offer software development kits (SDK), free software, enablement guidance, and go-to-market resources to make integration easy.
Intel vPro Helps Make It Easy to Deploy a Comprehensive Security Approach
Intel TDT is just one security component included with the Intel vPro® suite of technologies. Explore how Intel vPro can help easily support threat detection best practices across your PC fleet.
Intel vPro® Security
See all the technologies and features that help defend each layer of your devices, including hardware, BIOS/firmware, hypervisor, VMs, OS, and applications.
Better Control Leads to Better Security
Take a proactive approach to security with Intel vPro® Manageability, which allows IT to keep endpoints patched and updated—no matter how dispersed the fleet is10—while also providing disaster recovery options to get your business back up and running in hours instead of days.
Product and Performance Information
Internet connection speed varies depending on your Internet Service Provider, modem type, time of day, browser version, operating system, traffic, and intersecting signals. Results are not a guarantee of true connection speed.
As of January 2025, based on MITRE data report and blog https://community.intel.com/t5/Blogs/Tech-Innovation/Artificial-Intelligence-AI/Intel-AI-PCs-Deliver-an-Industry-Validated-Defense-vs-Real-World/post/1650954. See www.intel.com/performance-vpro for details. Results may vary.
All versions of the Intel vPro® platform require an eligible Intel® processor, a supported operating system, Intel® LAN and/or WLAN silicon, firmware enhancements, and other hardware and software necessary to deliver the manageability use cases, security features, system performance, and stability that define the platform. See intel.com/performance-vpro for details.
As of March 2023, Intel has the first and only hardware-based threat detection of its kind that works to augment security software for high-efficacy detection of the latest ransomware, cryptojacking, supply chain style attacks and even zero-day attacks in Windows-based systems. Based on SE Labs – Enterprise Advanced Security (Ransomware) – Intel Threat Detection Technology study published March 2023 (commissioned by Intel), which compared ransomware detection capabilities of an Intel vPro system powered by Intel Core processor against systems powered by AMD Ryzen Pro processors on Windows OS. SE Labs tested Intel’s hardware approach to ransomware detection, using a wide range of ransomware attacks similar to those used against victims in recent months. Systems tested included Intel® Core™ i7-1185G7, AMD Ryzen Pro 5675U, AMD Ryzen Pro 5875U, AMD Ryzen Pro 6650U, and AMD Ryzen Pro 6850U. Visit www.intel.com/tdt to learn more. No product or component can be absolutely secure. Other names and brands may be claimed as the property of others.
“SE Labs Intelligence-Led Testing: Enterprise Advanced Security (Ransomware),” SE Labs, February 2023.
Available on devices with Intel® Core™ Ultra processors.
Remote management requires a network connection; must be a known network for Wi-Fi out-of-band management. See www.intel.com/Performance-vPro for details. Results may vary.