Buckypaper Confidential Virtual Machines (CVMs) is a virtualization product by enclaive that provides hardware-based security for sensitive workloads in cloud and multi-tenant environments. CVMs use hardware-based security features and secure enclaves to create isolated execution environments, ensuring that code and data remain protected even if the underlying infrastructure is compromised. The product is designed to address the limitations of on-premise infrastructure by offering a cloud-based alternative with strong confidentiality guarantees. Key security capabilities include workload isolation through confidential execution environments (CEEs), end-to-end encryption covering data at rest, in processing, and in transit, and protection against insider threats. The product is engineered for minimal performance impact, incurring only a 3% CPU cycle overhead from its encryption and protection mechanisms. Buckypaper CVMs are deployable on leading cloud infrastructures and can be integrated alongside non-confidential VMs in existing virtualized environments. Hosting is available across certified European datacenters that comply with standards including ISO 27001, BSI Grundschutz, and C5. The product is suited for industries handling sensitive data under regulatory requirements, such as financial services, healthcare, and organizations running cryptographic or proprietary operations. It supports secure multi-tenancy by providing isolated, encrypted spaces for each workload within shared environments.