Kubernetes Security

Secure Kubernetes traffic within and outside the cluster to reduce risk, achieve compliance, and actively protect against security threats.

Zero-Trust Explainer Video


Visualize and secure Kubernetes network traffic across multiple applications, clusters, and environments in a single pane of glass

Reduce Attack Surface

Secure pod access and communication within and outside the cluster to minimize the attack surface area

Multi-Cluster Connectivity and Security

Enable connectivity & secure communication between workloads & services in different clusters. Share centralized services in a Kubernetes cluster with workloads across multiple clusters

Visibility and Compliance

Gain end-to-end traffic visibility to view service connectivity, identify security gaps, and troubleshoot performance issues

Trusted by Customers Worldwide

Calico is the chosen active security platform for enterprises small and large

Solution Architecture

Zero-Trust Workload Access Controls

Secure access from individual pods in Kubernetes clusters to external resources, including databases, internal applications, 3rd-party cloud APIs, and SaaS applications.

Deploy granular workload access controls using DNS egress policies to enforce controls and NetworkSets for access control using IPs/CIDRs.

Learn More

Egress Gateway

Identify the source of traffic at the namespace or pod level when it leaves a Kubernetes cluster to communicate to the external resource. Assign a fixed, routable IP to a Kubernetes namespace to identify workloads running within that namespace.

Learn More

Universal Firewall Integration

Extend the firewall’s zone-based architecture to Kubernetes clusters. Enforce security and compliance using the same security tools workflows that you use to protect non-Kubernetes workloads.

Learn More

Identity-Aware Microsegmentation

Achieve workload isolation and secure lateral communication between pods, namespaces, and services.

Logically divide workloads into distinct security segments and define granular security controls for each segment.

Learn More

Policy Lifecycle Management

Create, test, stage, deploy, and manage security policies.

Deploy recommended policies with a single click. Enforce hierarchical policy tiers and get real-time policy evaluations.

Learn More

Observability and Troubleshooting

Graph-based visualization of Kubernetes deployments, including images, pods, namespaces, and services.

Built-in troubleshooting capabilities to identify and resolve security and compliance gaps, performance issues, connectivity breakdown, anomalous behavior, and security policy violations.

Cluster Mesh

A centralized management plane to enable security, observability, and advanced networking for workloads and services across clusters.
Create, stage, preview, and deploy unified security policy controls, federated endpoints, and services.

Learn More

Available on Microsoft Azure and AWS Marketplace

Get started right away on Azure or AWS—every Calico component you need to get up and running is ready to go.

Customer Testimonial

Here’s what our customers are saying about us

Using Calico Enterprise, Aldagi achieved EU GDPR compliance and brought our online services to retail and corporate customers.
Vasili Grigolaia
Vice President of Engineering,
Read More
Read Customer Stories

Featured Resources

Developer-created resources to help you secure your Kubernetes deployment


Kubernetes Security Datasheet

Kubernetes deployments face unique security challenges. See how Calico can help in this solution datasheet.
Read More
White Paper

Access Controls for Containerized Workload Protection

Read our white paper on access controls best practices to secure your containerized workloads.
Read More
Case Study

Achieving Turnkey Kubernetes Security With Calico on AWS

Find out how Rafay achieved turnkey Kubernetes security using Calico on AWS.
Read More
All Resources

Ready to Get Started?

Start a free trial or contact us to see Calico in action