They removed SGX but are still working on SGX-like technologies (I forget the acronyms) specifically for server-oriented processors.

I'm sure the NSA already has various tools to break SGX but they'll be protective of that investment, they're probably not going to be using them against lower-priority targets.

I used NX and ASLR as a point of comparison because they are mitigations that are routinely bypassed - but we still usually consider them a good idea.