We enable secure execution of containers and programs using Intel SGX
Tell Me More

SCONE in a nutshell

Overview of SCONE's unique features

  • Transparent


    SCONE can transparently encrypt files and network traffic and in this way, it protects data from unauthorized access via the operating system and the hypervisor.

  • Transparent

    attestation of programs

    SCONE transparently attests programs to ensure that only the correct, unmodified programs are executing. This also prevents maleware to attach to programs.

  • Curated


    SCONE supports curated images for many popular services like memcached, Apache, MySQL, etc.

  • Secure

    compose files

    SCONE supports secure compose files to protect secrets that are visible in compose files.

  • Usage of

    secure enclaves

    SCONE runs programs inside secure enclaves preventing even attackers with root access from stealing secrets from these programs.

  • Configuration

    with secrets

    SCONE helps to configure programs with secrets that can neither be read nor modified by attackers - even if they would have already taken control of the operating system and/or the hypervisor.

SCONE features

SCONE's unique features explained

application-oriented security

Application-Oriented Security

Ensure application security even in untrusted environments

SGX encrypts main memory

Intel SGX Support

Encrypted main memory with Intel SGX ensures confidentialitiy and integrity

Scone Language Support

Cross-Compiler support

SCONE support cross-compilers for C, C++, Rust, Go and an interpreter for Python

Supporting Docker Compose and Stack

Docker Integration

Support of Stack and Compose files to deploy an application

Scone-based shielding


Supports transparent encryption of files and network traffic

Scone Curated images

Curated SCONE Container Images

SCONE supports a set of standard services like nginx, etc

Technical Documentation

We provide developer-/operations-oriented documentation as well as scientific papers


Technical Documentation

Tutorial and technical details

Docker-based Scone Documentation

Offline Documentation

We provide Docker container image of the SCONE documentation


Scientific Publications

We published several papers related to SCONE. A good starting point to read is our OSDI 2016 paper


We offer our customers different service levels

SCONE Community Edition

We provide a community edition of our services. These services run inside of enclaves in pre-release mode, i.e., one can view the memory content of these enclaves with an appropriate debugger

SCONE Standard Edition

Services run inside of enclaves - without the possibility of inspections. This includes business day support

SCONE Enterprise Edition

Services run inside of enclaves - without the possibility of inspections. Access to all source code. This includes priority support 24x7

Contact Us

If you are interested in the SCONE platform, SCONE curated images or if you want to work for us, please send email to scontain.com