A
secure enclave is a hardware-isolated coprocessor for handling sensitive operations — Apple's Secure Enclave (TouchID/FaceID), Intel SGX, ARM TrustZone — processing sensitive data without exposing it to the main OS.
Secure enclaves protect cryptographic keys and biometric data even from OS-level malware. iOS encryption keys never leave the Secure Enclave. Hardware-bound credentials prevent key extraction even with root access.