O'Reilly Media report: Azure Confidential Computing and Zero Trust
We are excited to announce the publication of our first O'Reilly Media report: Azure Confidential Computing and Zero Trust. We felt a need to make it clear to our customers, and the industry as a whole, what confidential computing is, how it relates to the foundational principles of zero trust, what use cases it enables, and the depth and breadth of confidential computing in Azure.
Confidential computing is the processing of data in a hardware based and attested trusted execution environment (TEE). This helps enforce zero-trust principles down to the hardware level in several ways. For example, it supports the principle of enforce least privileged access by ensuring only the software that writes to a memory location may read it or write over it. It also supports the principle of always verify access through the confidential computing requirement of attestation of the TEE. This allows the good state of the TEE hardware and software to be verified before sensitive data is unlocked and available for processing. And finally, it supports the principle of assume breach by removing the cloud provider's host OS and hypervisor from software that must be trusted.
Our report contains several links to industry standards, our ACC case studies, and other reference material. Please take a look and share with your colleagues!
Published on:
Learn moreRelated posts
Secure Boot certificate updates for Linux on Azure virtual machines
Microsoft has published new guidance for managing Secure Boot certificate updates for Linux on Azure virtual machines, including Trusted Launc...
Soluzione Earns Microsoft Solutions Partner Designation for Digital & App Innovation (Azure)
Soluzione is pleased to announce that it has earned the Microsoft Solutions Partner designation for Digital & App Innovation (Azure). This...
Azure SDK Release (May 2026)
Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (May 2026) app...
How to Use Deep Agents with Azure Cosmos DB – Plan, act, and verify against operational data
Deep Agents is an agent harness built on LangGraph, for agents that need to work through a task over many steps instead of a single LLM call. ...
Retirement of Azure DevOps issuer in Workload identity federation service connections
We are announcing the deprecation of the Azure DevOps issuer in workload identity federation (WIF) service connections, with planned retiremen...
Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention
Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention Picture the first few hours after a serious dat...
Announcing General Availability of the Azure Cosmos DB Built-in Connector for Logic Apps Standard
Today, we’re excited to announce the general availability of the Azure Cosmos DB built-in connector for Azure Logic Apps Standard. This ...