Kubernetes startup Tigera Inc. today debuted its newest product, Calico Cloud, which it says will enable enterprises to secure their software container environments more thoroughly.

Tigera is a San Francisco-based startup backed by investors that include Insight Venture Partners and NEA. It’s the developer of Project Calico, a popular open-source networking tool for Kubernetes that’s used by companies to power more than a million instances worldwide. Project Calico helps manage the network traffic in Kubernetes environments and provides security features for preventing cyberattacks.

Calico Cloud, the new service Tigera debuted today, extends the open-source version with numerous additional security capabilities. It also adds a tool called Dynamic Service Graph to make troubleshooting malfunctions easier. Calico Cloud, Tigera says, is the first cloud-native service that combines features for securing and troubleshooting Kubernetes environments in a single package.

Automated attack detection is one of the features customers receive out of the box. According to Tigera, Calico Cloud draws on third-party threat intelligence feeds to keep tabs on hacker activities. Using the information from those feeds as a reference, the service detects suspicious activity inside customers’ environments. 

To help enterprises lower the risk of a hacking attempt turning into a breach, Calico Cloud provides tools for reducing container infrastructure’s attack surface. The service encrypts data while it travels over the network and provides the ability to regulate where that data may be sent. Calico Cloud can prevent information from being transmitted outside a Kubernetes environment unless the traffic is headed to a trusted system, for example a third-party cloud database an application uses to store its records.

Calico Cloud also makes it possible to limit communications within a Kubernetes environment. Tigera has added in microsegmentation features that allow administrators to isolate workloads from one another unless they strictly need to share data. Such isolation reduces the impact of breaches by making it harder for hackers to use a vulnerable service to compromise other applications in the same cluster.

On top of the security features, Tiger has equipped Calico Cloud with problem resolution tools to help with day-to-day maintenance. A machine learning engine scans Kubernetes environments to identify components not in compliance with privacy regulations such as Europe’s General Data Protection Regulation. Meanwhile, a feature the startup calls Dynamic Service Graph displays the behavior of the individual containers in a cluster and how they interact to make diagnosing technical issues easier.

Tigera is offering Calico Cloud on a pay-as-you-go basis. There are two versions, Starter and Pro, that begin at five and eight cents per node per hour, respectively.

The approach of combining cybersecurity and maintenance features in one product is gaining traction elsewhere as well. Startup SecuriThings Inc. recently raised $14 million for its Horizon platform, which it positions as an integrated service for securing and maintaining “internet of things” devices. Such one-stop-shop solutions can be compelling for enterprises because procuring a single product is easier than buying separate security and operations tools, while administrators gain a simpler user experience thanks to the integrated interface.

Image: Unsplash