Tigera

San Francisco, CA, USA
2016
Sep 20, 2022   |  By Amit Gupta
As enterprises adopt containers, microservices, and Kubernetes for cloud-native applications, vulnerability management is crucial to improve the security posture of containerized workloads throughout build, deploy, and runtime. Securing your build artifacts and deployment pipeline, especially when it comes to images, is extremely important.
Sep 13, 2022   |  By Joseph Yostos
Summer is almost over but we are bringing the heat back with the official release of Tigera’s new container security features. With this official launch, Calico leads the industry by offering a complete line of solutions across every stage of a cloud-native application CI/CD pipeline.
Sep 6, 2022   |  By Suki Lam
Whether you’re migrating to the cloud via lift-and-shift deployments, or re-architecting to a cloud-native architecture, the migration itself and adopting a microservices architecture is no easy feat. To accelerate their cloud-native journey, many organizations opt for a managed Kubernetes service, as the skill and resources required to run a container orchestration system at scale are demanding.
Aug 30, 2022   |  By Ratan Tipirneni
As more and more applications and application development move to the cloud, traditional security roles and organizational structures are being shaken up. Why is that and what are the benefits of a cloud-first approach for business?
Aug 9, 2022   |  By Dhiraj Sehgal
As more enterprises adopt containers, microservices, and Kubernetes for their cloud-native applications, they need to be aware of the vulnerabilities in container images during build and runtime that can be exploited. In this blog, I will demonstrate how you can implement vulnerability management in CI/CD pipelines, perform image assurance during build time, and enforce runtime threat defense to protect your workloads from security threats.
Jul 26, 2022   |  By Giri Radhakrishnan
A couple of days ago, I was checking my Twitter feed and saw a tweet from someone saying how frustrated he was that DockerHub (a renowned container registry) was down. Someone else replied to the tweet, recommending the tweet’s author to check out Google’s repository, where they have DockerHub mirrors in Google Cloud.
Jul 19, 2022   |  By Ratan Tipirneni
From a people perspective and an organizational standpoint, many CISOs have said that their security teams are not ready for containers and Kubernetes. This isn’t surprising, given the stark contrast between where we were less than a decade ago and where we are today in terms of systems architecture. I am of course referring to the cloud-native era, which has ushered in a whole new architectural approach.
Jul 12, 2022   |  By Joseph Yostos
Container-based web applications built on microservices architecture, whether public-facing or internal, are critical to businesses. This new class of applications is commonly referred to as cloud-native applications. Read on to find out why traditional WAFs are no longer enough to protect cloud-native applications and how Calico’s new workload-centric WAF solves this problem.
Jun 23, 2022   |  By Giri Radhakrishnan
In my previous blog, I introduced the brief history of zero trust, the core pillars of a zero-trust model, and how to build a zero-trust model for cloud-native workloads. In this blog, you will learn how Calico can help mitigate vulnerabilities such as the recent zero-day Log4j vulnerability with its zero-trust workload security approach.
Jun 14, 2022   |  By Senthil Nithiyananthan
As organizations transition from monolithic services in traditional data centers to microservices architecture in a public cloud, security becomes a bottleneck and causes delays in achieving business goals. Traditional security paradigms based on perimeter-driven firewalls do not scale for communication between workloads within the cluster and 3rd-party APIs outside the cluster.
Jun 11, 2021   |  By Tigera
Compliance automation is a commonly overlooked area of Kubernetes observability. The question is: how do you automate compliance to a security framework that isn’t well understood by DevSecOps teams to begin with? This lack of understanding contributes to mismanaged compliance efforts and in a worst-case scenario, audit exposures and organizational risk. This talk will walk through an example of how to 1) map compliance controls to specific Kubernetes technical configuration 2) automate the assessment of those controls 3) visualize the assessment results. DevSecOps teams will better understand how to incorporate compliance automation alongside security automation.
Jun 11, 2021   |  By Tigera
"Companies of various sizes are building their applications on Kubernetes because it provides significant operational benefits like autoscaling, self-healing, extensibility, and declarative deployment style. However, the operational benefits are only a starting point down the path of building a secure and observable platform that enables the continuous delivery of application workloads. This session shows how to build a fully operational platform, leveraging platform-oriented building blocks to address network security and observability.
Jun 11, 2021   |  By Tigera
As more production workloads migrated to the cloud, the need for Intrusion Detection Systems(IDS) grew to meet compliance and security needs. With the number of workloads in each cluster, IDS needs to be efficient to not take up the shared resources. Techniques such as packet inspection and web application firewalls provide a solid defense against threats and by leveraging the cluster's network control pane, we are able to selectively choose vulnerable workloads and provide an easy way to trace back to the origin of the attack.
Jun 11, 2021   |  By Tigera
Learn how eBPF will bring a richer picture of what's going on in your cluster, without changing your applications. With eBPF we can safely collect information from deep within your applications, wherever they interact with the kernel. For example, collecting detailed socket statistics to root-cause network issues, or pinpointing the precise binary inside a container that made a particular request for your audit trail. This allows for insights into the behavior (and security) of the system that previously would have needed every process to be (manually) instrumented.
Jun 11, 2021   |  By Tigera
Attackers are continuously evolving their techniques to target Kubernetes. They are actively using Kubernetes and Docker functionality in addition to traditional attack surfaces to compromise, gain required privileges and add a backdoor entry to the clusters. A combination of Kubernetes security and observability tools is required to ensure the cloud infrastructure monitoring and lockdown and to enable DevSecOps teams with the right tools for the job.
Jun 11, 2021   |  By Tigera
It’s a daunting task starting down the path to securing your workloads running on Kubernetes in the Cloud. There are no shortages of vendors with great tools in the Cloud security space. There is a multitude of domains that must be accounted for, along with internal challenges in bringing an organization along into new ways of thinking. This talk will focus on Discover’s Cloud security journey, with an overview of how the program has evolved over the last 4 years, key capabilities & concepts that have been embraced and challenges faced.
Jun 11, 2021   |  By Tigera
Security as an afterthought is no longer an option and must be deeply embedded in the design and implementation of the products that will be running in the cloud. It is increasingly more critical for many security teams to be almost, if not equally, knowledgeable of the emerging and rapidly evolving technology. Join Manish Sampat from Tigera, as explores the topic in detail with Stan Lee from Paypal.
Jun 11, 2021   |  By Tigera
Security is critical for your Kubernetes-based applications. Join this session to learn about the security features and best practices for safeguarding your Kubernetes environments.
Apr 21, 2021   |  By Tigera
Through practical guidance and best practice recommendations, this book will help you understand why cloud-native applications require a modern approach to security and observability practices, and how to adopt a holistic security and observability strategy for building and securing cloud-native applications running on Kubernetes.
Nov 2, 2020   |  By Tigera
A step-by-step eBook covering everything you need to know to confidently approach Kubernetes networking, starting with basic networking concepts, all the way through to advanced Kubernetes networking with eBPF.
Feb 26, 2019   |  By Tigera
Discover how Tigera can help you achieve a scalable, secure, and compliant approach to containers on AWS.
Feb 26, 2019   |  By Tigera
This whitepaper explains five best practices to help meet network security and compliance requirements for modern microservices stack.
Feb 1, 2019   |  By Tigera
This guide contains detailed technical instructions on how to install and configure network security on Kubernetes platforms.
Jan 1, 2019   |  By Tigera
Tigera commission an unbiased, third-party research firm to speak with enterprise security professionals to understand the state of network security with modern applications.
Dec 1, 2018   |  By Tigera
OpenShift provides a declarative, automated platform to integrate developer workflows into application deployments leveraging open source building blocks such as Kubernetes.
Nov 1, 2018   |  By Tigera
Applying a uniform policy framework allows enterprises to achieve consistent network policy across multiple container orchestrators.
Oct 1, 2018   |  By Tigera
Using simplicity to deliver the performance, stability, and manageability for application connectivity at scale in cloud native platforms such as Kubernetes.

Kubernetes is being adopted by every major enterprise on the planet for deploying modern, containerized applications. However, containers are highly dynamic and break their existing security models. Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Tigera’s technology is recognized and trusted as the de facto standard for Kubernetes network security. Our open source software, Tigera Calico, provides production-grade security, and our commercial offerings layer on advanced security capabilities, enterprise controls, and compliance reporting.

Kubernetes Requires a Modern Approach to Security and Compliance:

  • Zero-Trust Network Security: With 40% or more of all breaches originating from within the network, you must always have to assume that something has been compromised. Applications running on Kubernetes make heavy use of the network for service to service communication. However, most clusters have been left wide open and are vulnerable to attack. A zero trust approach is the most secure way to lock down your Kubernetes platform.
  • Continuous Compliance: Kubernetes is dynamic and constantly changing. Moments after a compliance audit is completed the environment will have changed again. A continuous compliance solution is the only way to prove that your security controls have been implemented properly now and historically.
  • Visibility and Traceability: Applications running on Kubernetes Platforms have constantly changing IP addresses and locations that makes it impossible to use traditional flow logs to debug issues and investigate anomalous activity. The only accurate approach is to use Kubernetes labels and workload identity in your netflow logs.
  • Multi-cloud and Legacy: Many applications running on Kubernetes will not be greenfield. Applications often need to communicate securely with other systems outside of the cluster, such as on-premises or cloud-based VMs, bare metal servers and databases. To achieve zero trust security for Kubernetes, your security policies must be capable of expanding beyond the cluster.

Zero Trust Network Security and Continuous Compliance for Kubernetes Platforms.