New Security Enhancements in Intel’s Core Ultra 2 vPro Security Chips
Intel has introduced its latest Core Ultra 2 vPro Security processors, featuring advanced security management capabilities, including hardware-based authentication for system firmware. These enhancements aim to fortify corporate PCs against potential cyber threats. Alongside this launch, the company unveiled a new initiative designed to improve the security posture of business computers by mapping the security features of vPro chips against adversarial attack techniques.
The project, known as the PC Security Stack Mappings, is a collaboration between Intel, Microsoft, and CrowdStrike. The objective is to provide greater clarity on how vPro’s approximately 30 hardware-enabled security features counter specific attack techniques listed in the MITRE ATT&CK framework. This alignment is expected to help businesses bolster their cybersecurity strategies by leveraging Intel’s latest chip security capabilities.
Mapping vPro’s Security Features to Attack Techniques
Historically, Intel has not focused on linking specific attack types to the security hardware features of its chips. However, the new mapping project reveals how distinct security features protect against around 150 attack techniques detailed in the MITRE ATT&CK framework. Security operations teams often rely on this framework to assess vulnerabilities and enhance their defenses, but its application has predominantly been in the software domain rather than hardware.
Intel’s vPro chips, commonly used in business environments, include enhanced security and management features that allow system administrators to remotely manage and update devices. Over multiple generations, these security features have been refined, and the latest vPro processors, codenamed Arrow Lake, introduce a redesigned chip structure where individual functional components, known as chiplets, are integrated into a larger processor. One of the significant advancements in this architecture is the inclusion of a dedicated security tile, which enhances protection at the hardware level.
Integration with Microsoft’s Secured-Core Initiative and Future Plans
In addition to Intel’s security advancements, the new vPro Security chips incorporate support for Microsoft’s Secured-Core initiative, which establishes a hardware-level security layer to safeguard critical computing functions, including boot integrity. Microsoft’s Pluton security chip is a crucial component of this initiative, further strengthening device security.
Intel’s mapping tool is expected to provide valuable insights for c making procurement decisions. By analyzing security threats that impact older PCs, system administrators can better determine when to upgrade their hardware to maintain robust protection against emerging threats. The tool may also help identify instances where security controls are inadvertently disabled, allowing IT teams to address potential vulnerabilities proactively.
Having completed the first phase of the PC Security Stack Mappings project, Intel is already considering further applications of its mapping data. The company currently offers a feature called Discovery, which provides detailed insights into PC manageability capabilities. Future developments may involve leveraging mapping data to generate security scores for endpoints, enhancing enterprise cybersecurity strategies. Intel aims to integrate these insights into its cloud services, enabling real-time security assessments and activation of necessary security measures.
