Intel adds security enhancements to vPro line

Intel pulled the wraps off its latest vPro platform powered by its 12th Gen Core processors last week. The platform contains security enhancements including:

• Threat Detection Technology (TDT), a hardware-based way to detect ransomware in an efficient and timely manner

• Anomalous behavior detection to identify living-off-the-land and supply chain attacks

• Silicon-based capabilities that support the next wave of expected operating system virtualization and chipset enhancements with fault injection to help prevent malicious code injections

Threat Detection Technology uses machine learning

Two companies immediately announcing their support of the platform were ESET and ConnectWise. “Using Intel’s TDT, the detection of malware execution—including malicious encryption—is assisted through the use of machine-learning heuristics on suspicious patterns sourced directly from the CPU performance monitoring unit,” Előd Kironský, ESET’s chief of endpoint solutions and security technologies, explained in an interview. “The suspicious activity is shared with the ESET endpoint security solution, which then remediates the threat.”

“An additional benefit provided by Intel TDT,” Kironský continued, “is the ability to off-load some of the processing demands of detecting ransomware to the Intel Integrated graphics controller, keeping the overall system performance high.”

“Low impact to system performance is an area that ESET has always prioritized within its multi-layered software architecture and is a key selling point for many of our clients,” Kironský said in a news release. “Leveraging tech that can help us with prevention and protection, while also preserving performance, is a win-win choice.”

TDT detects attacks from apps, browsers, or virtual machines

Intel’s technology can also thwart malicious actors using code obfuscation to avoid detection. “Since Intel TDT provides machine-learning behavioral detection, the ESET endpoint security solution will take the signals provided by Intel’s TDT to remediate the threat in those instances,” Kironský said.

Another company hopping on the TDT bandwagon is ConnectWise, a software developer for IT solutions providers. It has announced it will integrate TDT into its Remote Monitoring and Management (RMM) software agent to allow it to identify and respond to security incidents rapidly.

With TDT in RMM, ransomware and cryptojacking attacks can be detected, whether they come from a native app, within the browser, or from a virtual machine. With TDT, the company noted, RMM can detect and mitigate the most advanced attacks with greater precision and obtain more consistent results across all types of workloads.

“SMBs are seeking simplified and turn-key cybersecurity solutions that are tightly integrated into their overall PC fleet management,” Carla Rodríguez, senior director for ecosystem partner enablement at Intel, said in a statement. “By integrating Intel TDT, ConnectWise customers on Intel-based devices will have access to powerful CPU-based threat detection that can be remediated from their RMM consoles with no additional security software to be purchased or implemented.”