Confidential Containers (CoCo) is a new technology that combines Confidential Computing with standard containerization features and capabilities.

Confidential Containers are implemented by the homonymous open-source community, working together in a CNCF sandbox project that leverages Trusted Execution Environments to protect containers and data. Specifically, the Confidential Containers project uses the OpenInfra Foundation project Kata containers runtime to launch memory-encrypted containers.