There are a few other options - Arm Trustzone, AMD SEV, RISC-V PMP, Nitro enclaves, etc, which all come with different features. Nitro enclaves does not have remote attestation, and AMD SEV includes the hypervisor in the TCB. We chose SGX because (1) it's the most mature, (2) it has the most complete feature set, especially remote attestation, which is critical for verifying that you're actually talking to the program you expect.

I have a confidential computing section in my notes if you'd like to take a look