Tigera’s Calico Cloud is built with security in mind and includes features engineered to keep customer information safe. Calico Cloud is designed to support the needs of our customers for security, compliance, and privacy. This page is a resource for our customers who would like to better understand how Calico Cloud both meets and help ensure compliance with data protection laws and regulations across the United States, Asia, and Europe.
Calico Cloud is certified with Cloud Security Alliance and you can download the report from here (Tigera Inc | Cloud Security Alliance). We have end-to-end encryption for data in transit and customer information is encrypted at rest. Calico Cloud supports RBAC and Token based authentication
Calico Cloud is SOC 2, CCPA, GDPR compliant. Our payment processing system is PCI compliant. Further, we perform yearly PEN test to ensure compliance and the report is available to customers upon request
Built for the cloud, Calico Cloud leverages the most sophisticated cloud security technologies available. The result is a service that is secure and resilient, giving organizations the confidence to enable their Kubernetes security and observability with Tigera
If you believe that you have identified a vulnerability in Calico Cloud, Calico Enterprise, or Project Calico, please submit a vulnerability report at firstname.lastname@example.org. Reports may be submitted anonymously. All reports should include the following information:
Upon receiving a vulnerability report, Tigera will take the following steps:
We appreciate the efforts of security researchers who discover and share security information with us. Thank you for your cooperation and collaboration with us.