Hardware-based machine learning detects ransomware and cryptojacking attacks in real time. Credit: Thinkstock Intel pulled the wraps off its latest vPro platform powered by its 12th Gen Core processors last week. The platform contains security enhancements including:Threat Detection Technology (TDT), a hardware-based way to detect ransomware in an efficient and timely mannerAnomalous behavior detection to identify living-off-the-land and supply chain attacksSilicon-based capabilities that support the next wave of expected operating system virtualization and chipset enhancements with fault injection to help prevent malicious code injectionsThreat Detection Technology uses machine learningTwo companies immediately announcing their support of the platform were ESET and ConnectWise. “Using Intel’s TDT, the detection of malware execution—including malicious encryption—is assisted through the use of machine-learning heuristics on suspicious patterns sourced directly from the CPU performance monitoring unit,” Előd Kironský, ESET’s chief of endpoint solutions and security technologies, explained in an interview. “The suspicious activity is shared with the ESET endpoint security solution, which then remediates the threat.”“An additional benefit provided by Intel TDT,” Kironský continued, “is the ability to off-load some of the processing demands of detecting ransomware to the Intel Integrated graphics controller, keeping the overall system performance high.” “Low impact to system performance is an area that ESET has always prioritized within its multi-layered software architecture and is a key selling point for many of our clients,” Kironský said in a news release. “Leveraging tech that can help us with prevention and protection, while also preserving performance, is a win-win choice.” TDT detects attacks from apps, browsers, or virtual machinesIntel’s technology can also thwart malicious actors using code obfuscation to avoid detection. “Since Intel TDT provides machine-learning behavioral detection, the ESET endpoint security solution will take the signals provided by Intel’s TDT to remediate the threat in those instances,” Kironský said.Another company hopping on the TDT bandwagon is ConnectWise, a software developer for IT solutions providers. It has announced it will integrate TDT into its Remote Monitoring and Management (RMM) software agent to allow it to identify and respond to security incidents rapidly. With TDT in RMM, ransomware and cryptojacking attacks can be detected, whether they come from a native app, within the browser, or from a virtual machine. With TDT, the company noted, RMM can detect and mitigate the most advanced attacks with greater precision and obtain more consistent results across all types of workloads.“SMBs are seeking simplified and turn-key cybersecurity solutions that are tightly integrated into their overall PC fleet management,” Carla Rodríguez, senior director for ecosystem partner enablement at Intel, said in a statement. “By integrating Intel TDT, ConnectWise customers on Intel-based devices will have access to powerful CPU-based threat detection that can be remediated from their RMM consoles with no additional security software to be purchased or implemented.” Related content news Spam blocklist SORBS shuts down after over two decades The service was unsustainable but those in the email deliverability industry expressed mixed feelings about the closure. By Evan Schuman Jun 07, 2024 4 mins Email Security Antispam news analysis New RansomHub ransomware gang has ties to older Knight group File encryption malware used by RansomHub appears to be a modified variant of the Knight ransomware, also known as Cyclops. By Lucian Constantin Jun 07, 2024 4 mins Hacker Groups Ransomware Hacking feature Whitelisting explained: How it works and where it fits in a security program Whitelisting locks down computers so only approved applications can run. Is the security worth the administrative hassle? By Josh Fruhlinger and CSO Staff Jun 07, 2024 10 mins Email Security Application Security Data and Information Security interview How Amazon CISO Amy Herzog responds to cybersecurity challenges Amazon CISO for devices and advertising products and services describes how her team works with product and devops teams to ensure products are cybersecure. By David Strom Jun 07, 2024 5 mins Security Practices Vulnerabilities Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe