O'Reilly Media report: Azure Confidential Computing and Zero Trust
We are excited to announce the publication of our first O'Reilly Media report: Azure Confidential Computing and Zero Trust. We felt a need to make it clear to our customers, and the industry as a whole, what confidential computing is, how it relates to the foundational principles of zero trust, what use cases it enables, and the depth and breadth of confidential computing in Azure.
Confidential computing is the processing of data in a hardware based and attested trusted execution environment (TEE). This helps enforce zero-trust principles down to the hardware level in several ways. For example, it supports the principle of enforce least privileged access by ensuring only the software that writes to a memory location may read it or write over it. It also supports the principle of always verify access through the confidential computing requirement of attestation of the TEE. This allows the good state of the TEE hardware and software to be verified before sensitive data is unlocked and available for processing. And finally, it supports the principle of assume breach by removing the cloud provider's host OS and hypervisor from software that must be trusted.
Our report contains several links to industry standards, our ACC case studies, and other reference material. Please take a look and share with your colleagues!
Published on:
Learn moreRelated posts
Azure SDK Release (March 2026)
Azure SDK releases every month. In this post, you find this month's highlights and release notes. The post Azure SDK Release (March 2026) appe...
Specifying client ID and secret when creating an Azure ACS principal via AppRegNew.aspx will be removed
The option to specify client ID and secret when creating Azure ACS principals will be removed. Users must adopt the system-generated client ID...
Azure Developer CLI (azd): Run and test AI agents locally with azd
New azd ai agent run and invoke commands let you start and test AI agents from your terminal—locally or in the cloud. The post Azure Developer...
Microsoft Purview compliance portal: Endpoint DLP classification support for Azure RMS–protected Office documents
Microsoft Purview Endpoint DLP will soon classify Azure RMS–protected Office documents, enabling consistent DLP policy enforcement on encrypte...
Introducing the Azure Cosmos DB Plugin for Cursor
We’re excited to announce the Cursor plugin for Azure Cosmos DB bringing AI-powered database expertise, best practices guidance, and liv...
Azure DevOps Remote MCP Server (public preview)
When we released the local Azure DevOps MCP Server, it gave customers a way to connect Azure DevOps data with tools like Visual Studio and Vis...
Azure Cosmos DB at FOSSASIA Summit 2026: Sessions, Conversations, and Community
The FOSSASIA Summit 2026 was an incredible gathering of developers, open-source contributors, startups, and technology enthusiasts from across...
Azure Cosmos DB at FOSSASIA Summit 2026: Sessions, Conversations, and Community
The FOSSASIA Summit 2026 was an incredible gathering of developers, open-source contributors, startups, and technology enthusiasts from across...