Security posture management
Comprehensive visibility
Address weaknesses and strengthen overall security posture with comprehensive security posture overview. Identify vulnerabilities, misconfigurations, and network exposure and proactively prioritize remediation with actionable recommendations. Monitor security posture trends.
Security posture management
Vulnerability management
Stop security threats before they strike. Scan images for vulnerabilities during the build process. Automatically block the deployment of high-risk images. Continuously scan production workloads and recommend network policies to deploy virtual patching for risky workloads.
Security posture management
Configuration security & compliance
Strengthen your Kubernetes configuration with CIS benchmarks. Achieve compliance with enterprise controls and industry regulations such as SOC2, PCI DSS, HIPAA, GDPR and others. View compliance history and export auditor-ready compliance data anytime.
Security posture management
Network security
Prevent security breaches with robust network security posture. Limit egress traffic by IPs, domains and IP subnets (CIDRs). Automatically identify namespace boundaries and recommend policies for namespace isolation. Implement any custom microsegmentation strategy.
runtime threat detection
Threat detection
Proactively detect and prevent known and zero-day attacks. Block network-based malware and OWASP top 10 attacks with intrusion detection and prevention (IDS/IPS) and WAF. Detect zero-day attacks by monitoring and analyzing container and network activity for suspicious behavior.
runtime threat detection
Incident response
Respond to threats swiftly, ensuring your environment remains secure. Use Calico security events dashboard or export security events to your SIEM. Use forensics tools to identify attackers and deploy virtual patching controls.
High-availability networking
High-availability networking, offering blazing fast performance with a pluggable dataplane architecture supporting standard Linux, eBPF, Windows, and VPP. Calico’s egress gateway assigns static IP addresses to egress traffic, to integrate with firewalls, databases, & legacy applications.
Cluster mesh
Enable seamless connectivity and enhanced security for your multi-cluster Kubernetes applications. Provides effortless connectivity, service discovery, network security and observability for your multi-cluster environments. Deploy an operationally simpler alternative to a service mesh.
Network security
Prevent security breaches with robust network security posture. Limit egress traffic by IPs, domains and IP CIDRs. Automatically identify namespace boundaries & recommend policies for namespace isolation. Implement any custom microsegmentation strategy. Rich policy management tools.
Observability
Enhance network visibility for better security and faster troubleshooting. Gain a comprehensive view of your network topology, including workload connections, dependencies, and detailed traffic data. Stay ahead of threats and ensure that workloads in your cluster operate smoothly and securely.
Compliance
Achieve consistent and continuous compliance for PCI, SOC2, HIPAA, GDPR and other regulations. Enforce security policy as code for consistency. Easy audit reporting with on-demand or scheduled compliance reports. View compliance history and export auditor-ready compliance data anytime.
Self-service | CI/CD integration
Implement security as code, seamlessly deploying policies through your CI/CD pipeline. Use rich suite of tools to author, recommend, and preview policies before enforcement. Use policy tiers to manage enforcement order, allowing teams to contribute policies without risking essential protections.
