Active security for
cloud-native applications

Reduce attack surface, detect threats, and actively mitigate risk of exposure

screenshot
screenshot

New market report: The state of cloud-native security 2022

Get insights and recommendations to guide your organization’s cloud-native security journey

Read the report >

Free O’Reilly ebook: Kubernetes security and observability

Learn how to adopt a holistic approach to securing containers and cloud-native applications

Learn more

Zero-Trust Assessment

Curious to know if your workloads are zero-trust compliant? Take our assessment to gauge the strength of your security posture!

Start Assessment

Cloud-Native Security Events & Workshops

Search for upcoming events and browse content from past events

Register

Trusted by global enterprises & startups

Active Cloud-Native Application
Protection Platform (CNAPP)

Active build and runtime security for containers & Kubernetes

Why Tigera?

Active build and runtime security for cloud-native applications

Reduce attack surface with zero trust

  • Zero-trust workload access
  • Identity-aware microsegmentation for workloads
  • Universal firewall integration
  • Envoy-based
    application-level security

Detect known and unknown threats

  • Protect workloads from container and network based threats
  • Workload-based WAF, IDS/IPS with deep packet inspection
  • ML-based zero-day workload threat identification
  • Protection from vulnerabilities and malware

Automatic risk mitigation

  • Dynamic Service and Threat Graph
  • Security policy recommender
  • Admission Controller
  • Alert, pause, quarantine, terminate compromised workloads

CNAPP solutions

Container Security

Protect containers during development and production. Reduce attack surface with vulnerability and misconfiguration detection. Provide runtime protection from known threats and zero-day vulnerabilities. Tigera’s CNAPP provides:

  • Image assurance
  • Configuration assessment
  • Runtime security

Zero-Trust Workload Security

Reduce attack surface with zero-trust workload access and identity-aware microsegmentation. Prevent ransomware, APTs, and DDoS attacks with Calico Cloud workload-level security controls. Tigera’s CNAPP delivers:

  • Zero-trust workload access controls
  • Identity-aware microsegmentation for workloads
  • Workload-based IDS/IPS, DDoS protection, DPI, and WAF

Compliance

Cloud-native application compliance for major standards.
Continuously monitor compliance with daily, weekly, and monthly audit reports.

  • PCI DSS, HIPAA, GDPR, SOC 2, NIST, CCPA, and any custom frameworks
  • Encryption
  • Evidence and audit reports

Observability & Troubleshooting

Monitor and troubleshoot service performance in real time. In case of a breach or vulnerability, get instant granular information on compromised services and evaluate blast radius.

  • Dynamic Service and Threat Graph
  • Performance hotspots
  • Dynamic Packet Capture

Calico product editions

Calico Open Source

Open-source networking and security for containers and Kubernetes

Learn More

Calico Cloud

Pay-as-you-go SaaS platform for cloud-native security

Learn More

Calico Enterprise

Self-managed platform for cloud-native security

Learn More
Compare Editions

Tigera - The inventors of Calico Open Source

The most widely adopted open-source security and networking solution for containers and Kubernetes

Calico Open Source by the numbers

150000
Nodes
10000
Clusters
10000000+
Docker Pulls
10000+
Enterprises
>2
of Fortune 100
2
Countries
Join the Community

Get started with CNAPP

Scale up your expertise

Resource Center

Become an expert in security, observability, and networking for containers and Kubernetes

Explore

Certifications

Gain the confidence you need to run mission-critical, cloud-native workloads in production

Get Certified

Documentation

Browse documentation

Learn More