Anjuna Secure Containers and Deploying AMD SEV Servers on Packet
Conventional approaches to securing applications have relied primarily on software to provide protection. However good the software implementation may be, an attacker who gains privileged access could conceivably circumvent software defenses. AMD Secure Encrypted Virtualization (SEV) is a recent and disruptive technology that provides a significantly better security and privacy model. It essentially enables us to run applications in an environment that is isolated from the hypervisor and the host OS. It can help protect the confidentiality of sensitive data, and significantly raise the bar against attackers who exploit privilege escalation to obtain full control of the host.
AMD Secure Encrypted Virtualization
A presentation from USENIX Security describing AMD Secure Encrypted Virtualization (SEV), which provides memory isolation and encryption, enabling hardware-level isolation and privacy for workloads in multi-tenant environments such as the public cloud.
AMD Memory Encryption
An AMD white paper describing the AMD approach to memory encryption.