The ongoing trend of moving data and computation to the cloud is met with concerns regarding privacy and protection of intellectual property. Cloud providers strive to address these concerns by offering execution in isolated and trusted environments, removing themselves from the trust base. Trusted Execution Environments are built on two main pillars: attestation and isolation. The variety in the implementation of these two features is broad and ranges from pure hardware or software enforced access protection, to sophisticated schemes with complex cryptographic protection. However, the downside of stronger isolation and protection usually comes in terms of decreased performance. In this talk, we explore two attacks on AMD SEV highlighting why integrity protection is paramount to secure TEEs in untrusted environments.