UPDATED 12:00 EST / FEBRUARY 16 2021

CLOUD

Tigera debuts Calico Cloud to make Kubernetes clusters more secure

Kubernetes startup Tigera Inc. today debuted its newest product, Calico Cloud, which it says will enable enterprises to secure their software container environments more thoroughly.

Tigera is a San Francisco-based startup backed by investors that include Insight Venture Partners and NEA. It’s the developer of Project Calico, a popular open-source networking tool for Kubernetes that’s used by companies to power more than a million instances worldwide. Project Calico helps manage the network traffic in Kubernetes environments and provides security features for preventing cyberattacks.

Calico Cloud, the new service Tigera debuted today, extends the open-source version with numerous additional security capabilities. It also adds a tool called Dynamic Service Graph to make troubleshooting malfunctions easier. Calico Cloud, Tigera says, is the first cloud-native service that combines features for securing and troubleshooting Kubernetes environments in a single package.

Automated attack detection is one of the features customers receive out of the box. According to Tigera, Calico Cloud draws on third-party threat intelligence feeds to keep tabs on hacker activities. Using the information from those feeds as a reference, the service detects suspicious activity inside customers’ environments. 

To help enterprises lower the risk of a hacking attempt turning into a breach, Calico Cloud provides tools for reducing container infrastructure’s attack surface. The service encrypts data while it travels over the network and provides the ability to regulate where that data may be sent. Calico Cloud can prevent information from being transmitted outside a Kubernetes environment unless the traffic is headed to a trusted system, for example a third-party cloud database an application uses to store its records.

Calico Cloud also makes it possible to limit communications within a Kubernetes environment. Tigera has added in microsegmentation features that allow administrators to isolate workloads from one another unless they strictly need to share data. Such isolation reduces the impact of breaches by making it harder for hackers to use a vulnerable service to compromise other applications in the same cluster.

On top of the security features, Tiger has equipped Calico Cloud with problem resolution tools to help with day-to-day maintenance. A machine learning engine scans Kubernetes environments to identify components not in compliance with privacy regulations such as Europe’s General Data Protection Regulation. Meanwhile, a feature the startup calls Dynamic Service Graph displays the behavior of the individual containers in a cluster and how they interact to make diagnosing technical issues easier.

Tigera is offering Calico Cloud on a pay-as-you-go basis. There are two versions, Starter and Pro, that begin at five and eight cents per node per hour, respectively.

The approach of combining cybersecurity and maintenance features in one product is gaining traction elsewhere as well. Startup SecuriThings Inc. recently raised $14 million for its Horizon platform, which it positions as an integrated service for securing and maintaining “internet of things” devices. Such one-stop-shop solutions can be compelling for enterprises because procuring a single product is easier than buying separate security and operations tools, while administrators gain a simpler user experience thanks to the integrated interface.

Image: Unsplash

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.