MarbleRun

The easiest way to orchestrate enclaves

MarbleRun takes care of remote attestation, key management, and many other core tasks in a cluster of Intel SGX enclaves. Think "service mesh for enclaves."

GitHub Enterprise support

Manage and mesh your enclaves securely

MarbleRun horizontal main graphicMarbleRun vertical main graphic
key icon

Key management, mTLS, and recovery

MarbleRun securely manages keys for your enclaves, provisions secrets, sets up mTLS connections, and enables secure recovery.

Magnifying lens icon

Whole cluster attestation

MarbleRun provides one succinct attestation statement for your cluster, proving that your cluster adheres to a given manifest.

Compatibility icon

Wide compatibility

MarbleRun can be installed on any SGX-enabled Kubernetes or used standalone. It supports enclaves built with Gramine, EGo, or Occlum.

Easy-to-use

Getting MarbleRun up and running only requires a handful of steps.

  1. Build enclaves for MarbleRun. EGo-based enclaves even work out-of-the-box.
  2. Define manifest in simple JSON.
  3. Install MarbleRun and set a manifest using the CLI.

Tip: MarbleRun works great on SGX-enabled AKS on Azure.

Get started
Self driving car camera view stock image

Learn how MarbleRun enables Bosch’s confidential AI pipeline in the public cloud

Bosch set up a highly scalable AI pipeline on Microsoft Azure that provides encryption in key parts of the video and image processing mechanism. Everything is done respecting European regulations and privacy, with no loss to analysis capabilities, and at a reasonable cost, thanks to the flexibility of a public cloud.

Read the case study Watch the presentation
Lightbulb icon
  • Is MarbleRun the right choice for my project?

MarbleRun is a tool for experts who aim to minimize the trusted computing base and do not shy away from adapting apps and writing app-specific manifests. If your goal is to shield the entire Kubernetes cluster with zero changes, our product Constellation is the better choice.

Learn more about Constellation

“It’s great to see how MarbleRun makes Gramine-based confidential workloads scalable. Looking forward to seeing the two grow together.”

Mona Vij

Principal Engineer at Intel Labs

“Within our innovation efforts in the area of confidential computing, we are actively cooperating with Edgeless Systems. EGo and MarbleRun facilitate the development effort and help to focus on solving the customer problems and implementing business logic in cloud environments.”

Ivan Gudymenko

IT Security Architect at T-Systems

Get started with MarbleRun

Enterprise support Read the docs