Secure Erase

A command that sanitizes storage drives.

SE has been a part of the SATA and SAS specifications since 2011.

For HDDs

SE performs a single zero-fill pass.

For SSDs

Marks all blocks as empty. Instead of wiping each block directly, SE relies on the drives automatic garbage collector to actually wipe the data stored on those marked blocks. If the drive's firmware doesn't start that, then there's a chance that some data is recoverable, but that requires specialized analysis using dedicated hardware.

Instant SE

HDDs and SSDs that are self-encrypting support Instant SE. This invokes a SANITIZE command in the SATA and SAS standards to perform a cryptographic erasure. Self-encrypting drive use a media encryption key. When the SANITIZE command is invoked, the media encryption key is erased, ensuring that the data is irrecoverable for forever.