Tigera Announces General Availability of Container Security Features on Calico Cloud

With Calico Cloud, security teams can implement active container security, to prevent, detect, and mitigate security breaches during build, deploy, and runtime

San Francisco, August 31, 2022 – Tigera, which provides the industry’s only active Cloud-Native Application Protection Platform (CNAPP) with full-stack observability for containers and Kubernetes, today announced the General Availability (GA) of its new container security features, including malware protection during runtime, Image Assurance with container image scanning, runtime visibility of vulnerable workloads and admission control policies.

With the availability of these features in Calico Cloud, customers have a single container security solution to improve security posture, reduce attack surface with fine-grained security controls, and provide threat defense from network and host based threats. By identifying potential vulnerabilities in the build phase of the CI/CD pipeline, users can ultimately leverage a shift-left approach to security.

The new container security features available in Calico Cloud include:

  • Image scanning – Cloud-native application developers need access to safe and secure container images to build applications. Calico Cloud allows users to scan container images locally when needed, and export the results to share with stakeholders to improve their security posture. DevOps teams can utilize this approach to integrate the scanner utility in their CI/CD pipeline for a streamlined security operation model. Users can now get a detailed view of vulnerabilities in build images, providing a first line of defense against bad actors.
  • Vulnerability management with automatic blocking of failed images – Customers can achieve high compliance standards and reduce the risk of deploying vulnerable images with admission policy controls that automatically block the deployment of failed images within their CI/CD pipeline.
  • Visibility into high-risk workloads running in the environment – Teams can now prioritize remediation plans for existing workloads using a runtime view of high-risk workloads correlating with the image scan results. Using Calico’s security policies, these workloads can be isolated from the rest of the application giving development teams more time to fix the issues, thereby alleviating their burden.
  • Runtime threat defense from network and host-based threats – Calico Cloud offers runtime threat defense with malware protection and anomaly detection to protect containers and workloads from unknown threats and zero-day attacks. Calico’s malware detection engine uses a combination of machine learning and proprietary rulesets to identify suspicious activity in containers and workloads. Users can quickly build a security policy to quarantine and isolate the affected workload while developers work on mitigating the security issue. These new capabilities enhance Calico’s robust runtime threat defense features such as Intrusion Detection and Prevention (IDS/IPS), DDoS protection and workload-centric web application firewall (WAF).

“We are pleased to offer the only solution that takes an active approach to container security with a focus on prevention and risk mitigation throughout the application lifecycle, from development through production,” said Ratan Tipirneni, President and CEO of Tigera. “Unlike competing solutions, which are reactive and focused on vulnerability detection, threat detection and alerting, Tigera’s solution does not just identify vulnerabilities and threats. Instead, it actively prevents attacks and mitigates risk by applying a zero-trust security approach to reduce the attack surface and prevent the lateral movement of threats, thereby safeguarding sensitive data.”

Calico Cloud provides a unique solution that helps prevent and detect threats and mitigate risk in containers and Kubernetes environments across build, deploy and runtime stages.

Click here to learn more about Tigera’s solutions or request a free trial.

About Tigera
Tigera provides the industry’s only active Cloud-Native Application Protection Platform (CNAPP) with full-stack observability for containers, Kubernetes, and cloud. The company’s platform prevents, detects, troubleshoots, and automatically mitigates exposure risks of security issues in build, deploy, and runtime stages. Tigera delivers its platform as a fully managed SaaS (Calico Cloud) or a self-managed service (Calico Enterprise). Its open-source offering, Calico Open Source, is the most widely adopted container networking and security solution. Tigera’s platform specifies security and observability as code to ensure consistent enforcement of security policies, which enables DevOps, platform, and security teams to protect workloads, detect threats, achieve continuous compliance, and troubleshoot service issues in real time.

Powering more than 100M containers across 2M+ nodes in 166 countries, Calico software is supported across all major cloud providers and Kubernetes distributions, and is used by leading companies including AT&T, Discover, Merck, ServiceNow, HanseMerkur, RealPage, L3Harris, and Mindbody.

Contact:
Katherine Benfield for Tigera
Lumina Communications
tigera@luminapr.com

Join our mailing list

Get updates on blog posts, workshops, certification programs, new releases, and more!