It's about reducing the size and attack surface of the most-privileged code which runs in the system, e.g. moving code out of the kernel, making the hypervisor/VMM smaller, nested VMs, hardware enclaves. This video covers some of the changes over the last decade, including Xen and Bromium:
https://youtube.com/watch?v=bNVe2y34dnM