by Bikram Gupta | Aug 6, 2020 | Calico Enterprise, Cloud, Customer Newsletter, Cybersecurity, Microsegmentation
Microsegmentation is a security technique that is used to isolate workloads from one another. Microsegmentation limits the blast radius of a data breach by making network security more granular. Should a breach occur, the damage is confined to the affected segment. ...
by John Armstrong | Jun 11, 2020 | Blog, Calico Enterprise, Cybersecurity, Kubernetes
What is Lateral Movement? Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in...
by John Armstrong | May 27, 2020 | Blog, Calico Enterprise, Compliance, Cybersecurity, Firewall, Kubernetes, Network Policy
New applications and workloads are constantly being added to Kubernetes clusters. Those same apps need to securely communicate with resources outside the cluster behind a firewall or other control point. Firewalls require a consistent IP, but routable IPs are a...
by John Armstrong | Mar 24, 2020 | Blog, Calico Enterprise, Compliance, Cybersecurity, Fortinet, Kubernetes
What Problems are We Solving? Container use continues to grow, and Kubernetes is the most widely adopted container orchestration system, managing nearly half of all container deployments.1 Successful integration of container services within the enterprise depends...
by Manish Sampat | Oct 2, 2019 | Cybersecurity, Firewall
Researchers at Netflix and Google recently reported a vulnerability in the HTTP/2 protocol that enables adversaries to execute a DOS attack by legitimate use of the protocol. These types of attacks are very difficult to detect and mitigate because the traffic is valid...
by Shaun Crampton | Jun 4, 2019 | Calico, Cybersecurity, Networking
In this article, we’ll explore Calico’s denial-of-service (DoS) mitigation features, including XDP-optimisation support introduced in Calico v3.7. Using Calico Policy for DoS Mitigation During a DoS attack, a cluster can receive massive numbers of...
