Intel is collaborating with Microsoft to bring its Intel Accelerated Memory Scanning to Windows Defender Advanced Threat Protection. The initiative is part of Intel Threat Detection Technology and uses silicon to better detect malware.
According to Intel, AMS offloads memory scanning from Intel CPUs to its integrated graphics chips. This should result in less resource hogging when performing other tasks, and more frequent malware scanning in the same power envelope.
The idea is to help detect malware that avoids traditional file-based techniques in a bit to bypass virus scans. Though anti-malware software can scan system memory, it comes at significant performance cost, which discourages regular scans.
According to Intel’s measurements, Accelerated Memory Scanning can put the processor load from 20% to just 2%. Windows Defender ATP will take advantage of all Intel integrated graphics cores, and seems to be the main partner for now.
Advanced Platform Telemetry
It will be combined with a second technology under the Intel TDT umbrella. Intel Advanced Platform Telemetry uses platform telemetry and machine learning to improve detection, reduce performance impact, and cause fewer false positives.
This will be utilized first by Cisco in its Tetration Platform, which seeks to bring better security to data centers and cloud workloads.
In general, the release comes at a good time for Intel. In the wake of the Meltdown and Spectre CPU flaws, it’s vital that it proves to its customers and investors that it takes security seriously.
“Intel is committed to helping secure the digital world, beginning with a secure foundation at the silicon level,” said Rick Echevarria, vice president in the software and services group. “Together with our industry partners – and in line with our security first pledge – we will continue to work tirelessly to safeguard our customers and their data.”