Active security for
cloud-native applications

Reduce attack surface, detect threats, and actively mitigate risk of exposure

 

Do you Know Calico?

Participate in our fun quiz and win cool prizes

Start the quiz >

New: Calico Certification for Azure

Explore features in Calico – Azure integration through hands-on labs

Sign up today

New Guide: 7 EKS Security Best Practices

For DevOps managing containerized workloads in EKS

Read now

Cloud-Native Security Events & Workshops

Search for upcoming events and browse content from past events

Register

Trusted by global enterprises & startups

Active Cloud-Native Application
Protection Platform (CNAPP)

Active build and runtime security for containers & Kubernetes

Why Tigera?

Active build and runtime security for cloud-native applications

Reduce attack surface with zero trust

  • Zero-trust workload access
  • Identity-aware microsegmentation for workloads
  • Universal firewall integration
  • Envoy-based
    application-level security

Detect known and unknown threats

  • Protect workloads from container and network based threats
  • Workload-based WAF, IDS/IPS with deep packet inspection
  • ML-based zero-day workload threat identification
  • Protection from vulnerabilities and malware

Automatic risk mitigation

  • Dynamic Service and Threat Graph
  • Security policy recommender
  • Admission Controller
  • Alert, pause, quarantine, terminate compromised workloads

CNAPP solutions

Container Security

Protect containers during development and production. Reduce attack surface with vulnerability and misconfiguration detection. Provide runtime protection from known threats and zero-day vulnerabilities. Tigera’s CNAPP provides:

  • Image assurance
  • Configuration assessment
  • Runtime security

Zero-Trust Workload Security

Reduce attack surface with zero-trust workload access and identity-aware microsegmentation. Prevent ransomware, APTs, and DDoS attacks with Calico Cloud workload-level security controls. Tigera’s CNAPP delivers:

  • Zero-trust workload access controls
  • Identity-aware microsegmentation for workloads
  • Workload-based IDS/IPS, DDoS protection, DPI, and WAF

Compliance

Cloud-native application compliance for major standards.
Continuously monitor compliance with daily, weekly, and monthly audit reports.

  • PCI DSS, HIPAA, GDPR, SOC 2, NIST, CCPA, and any custom frameworks
  • Encryption
  • Evidence and audit reports

Observability & Troubleshooting

Monitor and troubleshoot service performance in real time. In case of a breach or vulnerability, get instant granular information on compromised services and evaluate blast radius.

  • Dynamic Service and Threat Graph
  • Performance hotspots
  • Dynamic Packet Capture

Calico product editions

Calico Open Source

Open-source networking and security for containers and Kubernetes

Learn More

Calico Cloud

Pay-as-you-go SaaS platform for cloud-native security

Learn More

Calico Enterprise

Self-managed platform for cloud-native security

Learn More
Compare Editions

Tigera - The inventors of Calico Open Source

The most widely adopted open-source security and networking solution for containers and Kubernetes

Calico Open Source by the numbers

150000
Nodes
10000
Clusters
10000000+
Docker Pulls
10000+
Enterprises
>2
of Fortune 100
2
Countries
Join the Community

Get started with CNAPP

Scale up your expertise

Resource Center

Become an expert in security, observability, and networking for containers and Kubernetes

Explore

Certifications

Gain the confidence you need to run mission-critical, cloud-native workloads in production

Get Certified

Documentation

Browse documentation

Learn More