How do you run sensitive workloads on someone else’s infrastructure? “You don’t” is probably a common spontaneous answer to this question. However, in a cloud-first world, not running on someone else’s infrastructure is becoming less and less a viable option.
Fundamentally, confidential computing is about two things: keeping workloads encrypted and isolated during processing and making this circumstance externally verifiable via cryptographic certificates (“remote attestation”).
Consequently, Confidential K8s enables companies to migrate even sensitive or regulated workloads to the cloud and to offer more trustworthy SaaS.