Tigera is the inventor and maintainer of Calico Open Source. We enable organizations of all sizes in various industries to secure, observe, and troubleshoot cloud-native applications in Kubernetes environments. Our commercial products include Calico Enterprise, a self-managed security and observability platform, and Calico Cloud, a next-generation, Kubernetes-native cloud service that extends the declarative nature of Kubernetes. Calico specifies "security and observability as code," which ensures consistent enforcement of security policies and compliance, and provides observability and troubleshooting across multi-cluster, multi-cloud, and hybrid deployments. Tigera's solutions are used by leading companies, including AT&T, Discover, Merck, ServiceNow, HanseMerkur, RealPage, L3Harris, and Mindbody.
Cloud-native applications deployed in Kubernetes have ephemeral components with dynamic IPs that are distributed across multiple clusters, clouds, and hybrid environments. This makes it impossible to secure and troubleshoot these applications using traditional approaches. We solve this by enabling DevOps teams to specify security and observability as code (SOaC). SOaC is the configuration of security and observability at deployment time employing Kubernetes primitives and declarative models, using the same versioning that DevOps teams use for source code.
Following the principle that the same source code generates the same binary, a SOaC approach ensures that any Kubernetes component generated with the code has the exact same security and observability confirmation regardless of the deployment model, type of distribution, or container type.Watch the Video
We are Kubernetes-native and offer rich security and observability functionality by deeply integrating with Kubernetes’s core. We provide this functionality in Kubernetes clusters by adding new custom APIs and controllers, as well as providing infrastructure plugins for the core components of networking, storage, and container runtime. Being Kubernetes-native, we work with the Kubernetes command line interface (kubectl), which can be seamlessly integrated with Kubernetes features such as role-based access control (RBAC), service accounts, audit logs, etc.
Calico offers a number of additional custom resource definitions (CRDs) that extend Kubernetes APIs. Examples include GlobalNetworkPolicy, GlobalThreatFeed, GlobalAlerts, PacketCapture, StagedNetworkPolicy, and HostEndpoint.
Since Calico is Kubernetes-native, all of its security and observability features can be accessed via Kubernetes API server, making it possible to programmatically configure functionality.
Being Kubernetes-native means that the same functionality will work across multiple clusters, distributions, and deployment models.
We are committed to developing, cultivating and supporting open source projects and communities.
Project Calico: We are the creator and maintainer of Project Calico, which delivers open source Calico, the most widely adopted solution for Kubernetes networking and security, powering 1M+ nodes daily across 166 countries.
eBPF and Envoy: We actively use and promote popular open source projects like eBPF and Envoy. Calico provides a pluggable data plane architecture enabling support for multiple data planes, including standard Linux, eBPF, and Windows. Calico also integrates with Envoy to provide observability functionality.
The global Calico community is large and growing. We deliver more than 100 free technical training sessions annually to thousands of community members. We also offer free, self-paced Calico certification programs.
Calico is used by some of the world's leading companies, including HanseMerkur, Merck, Mindbody, RealPage, L3Harris, Discover, AT&T, and ServiceNow.