Sign in

Edgeless Systems

From small businesses to large enterprises, the public cloud has become an important driver for innovation and cost savings. But the rapid implementation of cloud-based services comes with compliance and security challenges, especially for those industries working with sensitive data.

At Edgeless Systems, we believe that data security is imperative. Our mission is to build easy-to-use, open-source tools that empower you to protect your most valuable data in a cloud-first world.

Today, we are excited to announce the latest addition to our product portfolio: EdgelessDB, the first true confidential database.

EdgelessDB is a full SQL database that runs entirely inside…


The EGopher

Confidential computing enables the always-encrypted and verifiable processing of data — in the cloud and elsewhere. Developing confidential apps used to require arcane knowledge and significant code changes. With EGo, you can skip that and develop your Go code as usual. With EGo, you don’t need to refactor your app to run it in a secure enclave. Just use three simple commands to build, sign, and run your code — be it 10 or 100,000 lines of Go with complex dependencies. Best thing? EGo is completely open-source.

In this blog post, we share EGo’s design approach, the biggest challenges we…


We are thrilled to announce that Edgeless Systems just raised a €1.45 million seed round from Acequia Capital (US), Inventures (DE), SIX Group AG (CH), Venture Creator (DE), and individual angel investors. With the new funding, we can continue our mission to build the open-source software stack for cloud-native confidential computing.

Confidential computing combines hardware and software to make computing more trustworthy. It is a set of strict technical measures that keep data encrypted while it is being used in the cloud, overcoming a major barrier to cloud adoption in business. …


Hey there 👋 If you’ve found you way to this blog, you’re probably aware of confidential computing and its open-source landscape. In this context, we’ll today talk about the recent support for Occlum-based workloads we added to our Marblerun framework. But before we dive into the details, let’s recap what both projects are about.

What is Occlum?

Occlum is a memory-safe, multi-process library OS for Intel SGX. In short, it is simplifying the programming of apps in secure enclaves. Those of you who have tried to transfer your existing code to enclaves know how long it can take to adapt hundreds of lines…


In this article, we are going to look at how cloud applications are built today and how the principles of Confidential Computing can be applied to them. We will also show you how easily this can be achieved by using our tools EGo and Marblerun.

When we started our development cycle some time ago, we asked ourselves one central question “How would you like to build Confidential Computing applications?”. What we found is that there is a large community called the Cloud Native Landscape, who have built a vast ecosystem of open-source tool stacks. When people develop new cloud services…


Are you interested in Confidential Computing but not sure where to start? We’re here to help. Let’s take a look at the basics of Confidential Computing, the types of problems that you can solve with it and some use cases that provide some insight into the game-changing nature of this field.

The fundamental problem can be summarized in one short sentence: computers are still not trustworthy enough. Customers do not trust companies with their data, companies do not trust the cloud, nobody trusts anyone. The underlying reason is that our compute stacks look like the one pictured — we have…


In recent years, cloud services have proven itself as indispensable in the consumer space. From personal file backups on web drives to AI-assisted smartphone applications, it is hard to imagine the current device landscape without cloud functionality.

Especially for businesses, cloud computing can unlock tremendous potential, e.g. by distributing data analyses across scalable IT infrastructure. However, companies are still reluctant to migrate to Infrastructure-as-a-service platforms due to security and flexibility concerns. …


Confidential Computing (CC) is a very exiting up-and-coming security technology, named one of the Top 10 Digital Transformation Trends for 2021 by Forbes Magazine!

In a nutshell, Confidential Computing enables the always encrypted and verifiable processing of data on potentially untrusted computer systems — could be your own computer or a machine in the cloud (for more information scroll down to our post “Why do we need Confidential Computing?” released on Nov. 24th).

While this addresses many security and privacy problems and enables exciting new data-driven business models, only few people know how to use Confidential Computing and even fewer…


Great to have you back - welcome to the final episode of our mini series! To recap, we discussed the basics of confidential computing in the first post and the basics of service meshes in the second post. Now it’s time to put the two together.

Why can’t we just use a normal service mesh for confidential computing apps?

We already established that there are two main problems when it comes to using normal services meshes for confidential computing:

1. Encrypted service-to-service communication needs to terminate inside secure enclaves instead of separate sidecars. Otherwise an attacker could just tap the service-to-sidecar communication, manipulate the sidecar, etc.

2. A crucial aspect of confidential computing…


Thanks for staying with us! In the previous post we discussed the question of “Why do we need confidential computing?” This time, we’ll discuss the next question on our agenda.

Why do we need a service mesh?

Ok, so what actually is a service mesh to begin with? William Morgan the CEO of Buoyant, the company behind Linkerd, one of the “big 3” services meshes, wrote a great post about the whats, the whys and the hows.

In summary, in a microservice architecture, an app is split up into (micro-)services, each fulfilling a certain task.

Edgeless Systems

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store