Tigera Extends Calico Commercial Editions' Capabilities
May 22, 2024

Tigera launched new features for Calico Enterprise and Calico Cloud, extending the products' Runtime Threat Defense capabilities.

Through Calico, Tigera equips security, DevOps, and platform engineering teams with the deep visibility and monitoring required to bolster the security of their container platforms and containerized applications. The latest updates to Calico build on this, with improved capabilities to observe and secure workload communication with Calico policies, deploy and operationalize runtime threat detection, and monitor workloads for potentially malicious activity.

- Improved Visibility and Faster Troubleshooting: Observability is a vital component of Calico's observability is network flow logs. With the updates to Calico, Tigera has added new entry points to view flow logs directly from the endpoints listing as well as View Policy pages within the product's user interface. Instead of switching between different dashboards, users can now easily visualize which endpoints are involved in denied traffic, filter these workloads, and view associated flows. Enhancements to the View Policy pages also offer users a comprehensive visualization of the flows that have recently been evaluated by that policy, to help make sense of denied traffic or updates to rules. These visualization improvements will help users shorten troubleshooting time and speed up resolution.

- Simplify Security Operations for Runtime Threat Detection: Security events are generated from runtime threat detection features, such as intrusion detection and prevention (IDS/IPS), workload-centric Web Application Firewall (WAF), network and container-based anomaly detection. These security events contain contextual metadata that helps facilitate the analysis and response to potential threats. This Calico update introduces enhancements to security events that help operationalize runtime threat detection.

Tigera is launching a new dashboard, which summarizes and correlates security events, helping practitioners understand how events map across namespaces, MITRE techniques, event types, and attack phases. Overall, this allows users to quickly make sense of potential threats, engage the right stakeholders, and start the incident response and investigation process.

Managing ‌alert fatigue for security events has also been bolstered. Calico has new features that allow users to create custom exceptions with varying levels of scope, from excluding an entire namespace to a specific deployment or workload. These capabilities enable operators to fine-tune their runtime threat detection mechanisms currently deployed and focus investigations and response on their critical applications and infrastructure.

In addition, Calico now automatically performs a geolocation lookup for security events that contain external IP addresses to quickly distinguish between legitimate and malicious traffic. With this release, security events are also available via a webhook, enabling quick and easy direct integration with 3rd-party tools such as Jira and Slack, as well as supporting integration with other HTTP endpoints preferred by organizations.

- Improvements to Workload-Centric WAF to Protect Your Entire Cluster from OWASP Top 10 attacks: As more cloud-native applications adopt a microservices-based architecture, the number of services exposing application-layer APIs has exponentially proliferated. In such distributed applications, detecting lateral movement of threats is crucial. Traditional web application firewalls (WAFs) are insufficient, enabling some threat actors to bypass perimeter-only inspection. Calico's distributed workload-centric WAF was built to address this attack vector and protect service-to-service communication. Calico's workload-centric WAF can now be deployed to the ingress gateway at the edge of the cluster to protect your entire cluster from OWASP Top 10 attacks. This enhancement delivers the industry's most comprehensive WAF solution for containers and Kubernetes.

"Modern organizations rely on containerized applications to run business operations and deliver core products and services," said Amit Gupta, Chief Product Officer at Tigera. "These latest updates to Calico underpin our ongoing commitment to providing organizations with a unified view of their containerized environments. We continue to innovate to provide comprehensive monitoring, analysis and visibility into potential threats to enable quick identification and mitigation of risks, and proactively enhance container and Kubernetes security posture."

- Support for ARM64: Tigera has also introduced ARM64 support for Calico Enterprise. The ARM architecture offers remarkable price-to-performance gains, making it an increasingly attractive choice for organizations. By incorporating ARM64 support into its products, Tigera ensures that customers can fully leverage the advantages of this architecture.

Share this

Industry News

June 12, 2024

GitLab announced the public beta of expanded integrations with Google Cloud that will help developers work more effectively, quickly, and productively.

June 12, 2024

Pulumi announced Pulumi Copilot, AI for general cloud infrastructure management.

June 12, 2024

Harness completed the acquisition of Split Software, a feature management and experimentation provider, effective June 11, 2024.

June 12, 2024

Amplitude announced six new and expanded integrations that make it easier for businesses to understand customer behavior and build better experiences.

June 11, 2024

Check Point® Software Technologies Ltd. announced CloudGuard WAF-as-a-Service (WAFaaS) — an automated, AI-powered, web application firewall, that offers organizations a fully managed solution to prevent cyber threats and protect web applications from unauthorized access and data breaches.

June 11, 2024

Pegasystems announced an expansion of its Pega GenAI™ capabilities to connect to Amazon Web Services (AWS) and Google Cloud’s Large Language Models (LLMs).

June 11, 2024

Mirantis announced k0smotron 1.0 – delivering production-grade Kubernetes cluster management with efficiency and flexibility.

June 10, 2024

Pegasystems introduced a set of new enhancements and an improved user interface for Pega GenAI Blueprint™ – the app design-as-a-service tool that empowers organizations to reimagine their mission-critical workflows.

June 10, 2024

Sonar announced the expansion of its collaboration with Amazon Web Services (AWS) to help enterprises achieve high-quality code that is clean.

June 10, 2024

Mend.io announced the launch of Mend AI, a new tool designed to identify, track, and secure AI models and AI-generated code.

June 06, 2024

Mirantis announced a collaboration with Pure Storage®, enabling customers to use Mirantis Kubernetes Engine (MKE) with the Portworx® container data management platform to automate, protect, and unify modern data and applications at enterprise scale – reducing deployment time by up to 50%.

June 06, 2024

Writer announced Writer AI Studio, a suite of new development tools that make it fast and easy for business users and developers to reinvent workflows with generative AI.

June 06, 2024

Dataloop announced its integration with NVIDIA NIM inference microservices.

June 05, 2024

Digital.ai announced the launch of Erawan, the next iteration of its open, AI-powered DevSecOps platform.

June 05, 2024

Tricentis announced new integrations and AI capabilities that help support customer adoption of SAP S/4HANA Cloud.