TL;DR: Independent trust validation for confidential computing is moving into cloud infrastructure, with DigiCert and Google Cloud positioning cryptographic verification, certificates, and identity validation as a way to independently attest workload integrity. The governance shift is clear: infrastructure trust can no longer rely on provider assurances alone when regulated workloads and AI systems are in scope.
NHIMG editorial — what this means for NHI practitioners
By the numbers:
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.
- 59% of organisations face greater difficulties auditing machine identities, primarily due to lack of clear ownership and limited visibility.
- 69% of organisations now have more machine identities than human ones.
Questions worth separating out
Q: How should security teams govern trust for confidential computing workloads?
A: Security teams should treat confidential computing trust as a workload identity issue, not only an infrastructure issue.
Q: Why do confidential computing environments still need independent verification?
A: Because isolation protects data in use, but it does not automatically prove that the workload or environment is authentic.
Q: What breaks when attestation certificates are not managed like identities?
A: The attestation model loses operational value if issuance, renewal, expiry, and revocation are handled ad hoc.
Practitioner guidance
- Map attestation to workload identity ownership Assign a named owner for every confidential workload that depends on attestation evidence, and require that owner to manage certificate issuance, rotation, and revocation as part of the workload lifecycle.
- Define where provider assurance stops Document which processing flows can rely on cloud provider attestation and which require an independent trust root because of regulatory scope, data sensitivity, or cross-domain dependency.
- Integrate attestation into access decisions Require runtime trust evidence before allowing sensitive workloads to connect to downstream data, APIs, or orchestration services, especially where machine identity is the primary actor.
What's in the full announcement
DigiCert's full press release covers the operational detail this post intentionally leaves for the source:
- How the independent trust validation model is structured for confidential computing environments
- The specific role of cryptographic signatures, certificates, and identity validation in the attestation flow
- The collaboration details between DigiCert and Google Cloud around confidential workloads
- The product framing for regulated and security-sensitive cloud processing
👉 Read DigiCert's press release on independent trust validation for confidential computing →
Confidential computing trust validation: what changes for IAM teams?
Explore further
Independent trust validation is becoming a workload identity problem, not just a cloud assurance problem. Once sensitive processing moves into confidential computing, the organisation has to prove that the workload, the enclave, and the trust chain are genuine. That shifts the control discussion from provider confidence to evidence-based identity governance. The practitioner implication is that machine trust now needs lifecycle and verification discipline, not only infrastructure hardening.
A few things that frame the scale:
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security, according to the 2026 Infrastructure Identity Survey.
- A separate finding from The Critical Gaps in Machine Identity Management report shows that 57% of organisations lack a complete inventory of their machine identities, which weakens any attempt to validate trust consistently.
A question worth separating out:
Q: When should organisations require an external root of trust for cloud workloads?
A: Organisations should require an external root of trust when provider assurances are not enough for audit, segregation, or regulatory confidence. The clearest cases are sensitive workloads, shared cloud environments, and AI processing where independent evidence of integrity matters. The decision should be based on risk and evidence requirements, not on convenience.
👉 Read our full editorial: Independent trust validation for confidential computing is maturing