We enable secure execution of containers and programs using Intel SGX
Tell Me More

SCONE in a nutshell

Overview of SCONE's unique features

SCONE runs programs inside secure enclaves preventing even attackers with root access from stealing secrets from these programs.

SCONE helps to configure programs with secrets that can neither be read nor modified by attackers - even if they would have already taken control of the operating system and/or the hypervisor.

SCONE can transparently encrypt files and network traffic and in this way, it protects data from unauthorized access via the operating system and the hypervisor.

SCONE transparently attests programs to ensure that only the correct, unmodified programs are executing. This also prevents maleware to attach to programs.

SCONE is compatible with Docker permitting to run scontained applications with the help of compose files on top of Docker Swarm.

SCONE supports secure compose files to protect secrets that are visible in compose files.

SCONE supports curated images for many popular services like memcached, Apache, MySQL, etc.

SCONE features

SCONE's unique features explained

application-oriented security

Application-Oriented Security

Ensure application security even in untrusted environments

SGX encrypts main memory

Intel SGX Support

Encrypted main memory with Intel SGX ensures confidentialitiy and integrity

Scone Language Support

Cross-Compiler support

SCONE support cross-compilers for C, C++, Rust, Go and an interpreter for Python

Supporting Docker Compose and Stack

Docker Integration

Support of Stack and Compose files to deploy an application

Scone-based shielding

Shielding

Supports transparent encryption of files and network traffic

Scone Curated images

Curated SCONE Container Images

SCONE supports a set of standard services like nginx, etc

Technical Documentation

We provide developer-/operations-oriented documentation as well as scientific papers

https://sconedocs.github.io/

Technical Documentation

Tutorial and technical details

Docker-based Scone Documentation

Offline Documentation

We provide Docker container image of the SCONE documentation

Publications

Scientific Publications

We published several papers related to SCONE. A good starting point to read is our OSDI 2016 paper

Services

We offer our customers different service levels

SCONE Community Edition

We provide a community edition of our services. This services run inside of enclaves in pre-release mode, i.e., one can view the memory content of these enclaves with an appropriate debugger

SCONE Standard Edition

Services run inside of enclaves - without the possibility of inspections. This includes business day support

SCONE Enterprise Edition

Services run inside of enclaves - without the possibility of inspections. Access to all source code. This includes priority support 24x7

Contact Us

If you are interested in the SCONE platform, SCONE curated images or if you want to work for us, please send email to scontain.com