Intel® Software Guard Extensions (Intel® SGX)

An Intel® architecture extension designed to increase the security of application code and data.

Intel® SGX Webinar

Learn how to protect your sensitive data.


Hands-On Lab Roadshow

Hands-On Lab Roadshow

Learn how to strengthen security for your applications in an all-day, hands-on lab for Intel SGX.


Intel® Software Guard Extensions (Intel® SGX) is an Intel technology for application developers who are seeking to protect select code and data from disclosure or modification. Intel SGX makes such protections possible through the use of enclaves, which are protected areas of execution in memory. Application code can be put into an enclave by special instructions and software made available to developers via the Intel® SGX Software Development Kit (SDK). The Intel SGX SDK is a collection of APIs, libraries, documentation, sample source code, and tools that allows software developers to create and debug Intel SGX enabled applications in C and C++.

Application code executing within an Intel SGX enclave:

  • Benefits from new Intel SGX instructions introduced with 7th Generation Intel® Core™ processor platforms and Intel® Xeon® processor E3 v5 for data center servers.
  • Relies on an Intel-provided driver and/or the OS for access to Intel SGX instructions and resource management
  • Executes within the context of its parent application, thereby benefiting from the full power of the Intel® processor
  • Reduces the trusted computing base of its parent application to the smallest possible footprint
  • Remains protected even when the BIOS, VMM, OS, and drivers are compromised, implying that an attacker with full execution control over the platform can be kept at bay
  • Benefits from memory protections that thwart memory bus snooping, memory tampering and “cold boot” attacks on images retained in RAM
  • Uses hardware-based mechanisms to respond to remote attestation challenges that validate its integrity
  • Works in concert with other enclaves owned or trusted by the parent application
  • Can be developed using standard development tools, thereby reducing the learning curve impact on application developers
  • Supports initial data center use (such as protected transport layer security (TLS) keystore management) as well as proof of concept and development work for future data center platforms and solutions. This includes encrypted database operations, trusted big data computing, network functions virtualization (NFV), and secure monitoring, blockchain, and other important data center security uses that leverage added data protection while in use.

Get the SDK

Intended for developers who want to enhance application security using Intel® SGX technology.
Download the SDK


Access the Development Services

Before applying for development services access, make sure to create a self-signed certificate or obtain a certificate from your certificate authority. See certificate requirements below.
Apply for Access


Request a Commercial Use License

Before distributing an application in release mode that's enabled for Intel® SGX, a company must request and receive a commercial use license and be technically onboarded.
Submit a Request

Security Certificate Requirements

See All Requirements

Update Certificate

Software Requirements

Supported operating systems for Intel SGX SDK:

  • Microsoft Windows* 7, 64 bit
  • Microsoft Windows* 8.1, 64 bit
  • Microsoft Windows® 10, 64 bit
  • Microsoft Windows® 10 Threshold 2, 64 bit
  • Ubuntu* version 14.04

Supported compiler for Intel SGX SDK installer:

  • Intel® Parallel Studio XE for Windows* Version 2015 Update 5
  • Microsoft Visual Studio* 2013 or 2015 Professional Edition is required as IDE

Supported Languages

Enclave binding interface supported in C and C++ only.