Intel® Threat Detection Technology
Protect your users from new and emerging threats with AI-powered security capabilities that help prevent ransomware, crypto mining, and even memory-scanning attacks before they happen. Intel® Threat Detection Technology (Intel® TDT) offers cyberattack monitoring and increased security performance at the hardware level.
Intel vPro® is the only business platform with built-in hardware security capable of detecting ransomware and software supply chain attacks.1
Combat Cryptojacking and Ransomware. Increase Performance.
Intel® TDT uses Machine Learning (ML) algorithms to help profile malware as it attempts to execute on the CPU microarchitecture and can even detect never-before-seen attacks. This high-fidelity hardware alert is relayed to security software for fast remediation on the PC and proactive protection across the fleet. The solution offloads compute-intensive security workloads such as accelerated memory scanning and AI from the CPU to the integrated Intel® GPU for an improved user experience.
Unique Capabilities Augment Software-Based Security Solutions
Help Discover Zero-Day Attacks
Support real-time discovery of zero-day attacks, new variants, or intermittent encryption.
Find Hidden Malware in Memory
Enhance detection of fileless malware that runs hidden in memory.
Detect Threats Within Virtual Machines
Full-stack visibility to help uncover malicious code that is cloaked in a VM or obfuscated binaries.
Learn About Intel® Threat Detection Technology
Read the Intel® TDT solution brief to learn more about how hardware-based threat detection helps defend against ransomware and other advanced threats.
Threat Detection Use Case
Microsoft Defender for Endpoint delivers industry-leading endpoint detection and response to protect against attacks, including ransomware and cryptojacking. The upcoming integration of Intel® TDT and Microsoft Defender for Endpoint adds another layer of protection by adding security signals sourced directly from the hardware.
Microsoft Defender for Endpoint vs. Ransomware
Microsoft plans to enable the CPU-enhanced ransomware detection capabilities of Intel® TDT on millions of endpoints.
Microsoft Defender for Endpoint vs. Cryptojacking
AI-based security and integrated Intel® GPU features on Intel® TDT help Microsoft Defender for Endpoint detect and remediate crypto-jacking attacks.
Protect Applications with Anomalous Behavior Detection
Intel® TDT anomalous behavior detection (ABD) monitors applications for early indicators of compromise. ABD leverages CPU execution control-flow tracking to build dynamic AI models of "good" application behavior.
ABD roots out back-door cyberattacks, including:
- Sophisticated software supply chain attacks that can infect masses of PCs with compromised application updates.
- "Living off the land" attacks that are difficult for security solutions to distinguish from benign application behavior.
- Zero-day threats that do not have signatures or behavior profiles.
Enable Security Software for CPU Threat Detection
With Intel® TDT, security vendors can augment and enhance the behavioral detectors in their security solutions with hardware-based sensors that profile malware as it executes on the CPU.
Intel® TDT leverages the integrated Intel GPU to offload the security agent from the CPU. Offloaded processes may include AI, accelerated memory scanning, or a performance-intensive security workload.
Tools and Programs to Streamline Integration
- Software development kit (SDK) and free software to help integrate Intel® TDT capabilities into endpoint agents.
- Support from Intel security engineers.
- Go-to-market marketing funds, channel co-sell programs, and Intel® Partner Alliance matchmaking.
Ready to Enhance Security Software Offerings with Intel® TDT?
Learn about the Intel® TDT ISV program for SDK tools and support to help you integrate CPU-based monitoring and protection into your solutions.
Cybersecurity and the Intel vPro® Platform
Intel® TDT is just one component of the Intel vPro® platform—a built-for-business platform that provides the integrated tools you need for endpoint security and manageability.
Intel® Hardware Shield
Today’s threats require in-depth defense. Find out how our platform helps defend each layer of your devices: hardware, Basic Input/Output System (BIOS), firmware, hypervisor, VMs, OS, and application.
Advanced Threat Protections
Advanced threats, including ransomware, crypto mining, and memory attacks, require hardware-based endpoint defenses. Learn about the other hardware-level security features included in the Intel vPro® platform.
Enhanced Endpoint Security ROI
Modern, security-enhanced PC processors help keep your organization secure while lowering costs. Find out how.
Intel® TDT Ecosystem
List of security software vendors who support Intel TDT as of the launch of Intel vPro® with 12th Gen Intel® Core™ processors (March 2022).
Additional Resources
Product and Performance Information
All versions of the Intel vPro® platform require an eligible Intel processor, a supported operating system, Intel® LAN and/or WLAN silicon, firmware enhancements, and other hardware and software necessary to deliver the manageability use cases, security features, system performance, and stability that define the platform. See intel.com/performance-vpro for details.