Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Tigera

Enterprise Security Controls for Kubernetes

In this talk, we will explore how to meet common enterprise security control needs when running Kubernetes. Specifically, we will look at a range of common enterprise security needs and how you can meet these with standard Kubernetes primitives and open source projects such as Calico, or take it a step further with the additional features of Calico Enterprise.

Now GA: Data-in-Transit Encryption in Calico v3.15

We’re excited to announce that the latest release of Calico includes encryption for data-in-transit. Calico is the open source networking and network security solution for containers, virtual machines, and host-based workloads, offering connectivity and security for container workloads. One of Calico’s best-known security features is its implementation of Kubernetes Network Policy, providing a way to secure container workloads by restricting traffic to and from trusted sources.

Introduction to multi cluster security using Calico Enterprise

Now that you’ve deployed your network policies to secure your Kubernetes cluster, how do you deploy your policies to other clusters? What do you do each time a new cluster is provisioned? And how do you deploy changes to your policies? Most organizations have a set of central security policies, and many are deploying Kubernetes across multiple clouds and on-prem. Scaling security becomes a formidable challenge. Calico Multi-Cluster Management is a feature in Calico Enterprise that Federates network security policies across multiple clusters – whether on-prem, hybrid, or multi-cloud.

On-Demand Webinar: Extending Your Fortigate Next-Gen Firewall to Kubernetes

Companies are leveraging the power of Kubernetes to accelerate the delivery of resilient and scalable applications to meet the pace of business. These applications are highly dynamic, making it operationally challenging to securely connect to databases or other resources protected behind firewalls. Tigera and Fortinet have joined forces to solve this operational challenge. With the combination of FortiGate Next-Gen firewalls and Calico Enterprise, you gain full visibility into the container environment and can define fine-grained policies to determine which Kubernetes workloads are allowed to talk to the enterprise’s crown jewels running outside the Kubernetes cluster.

Kubernetes Security: Lateral Movement Detection and Defense

What is Lateral Movement? Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in sophisticated cyber-attacks such as advanced persistent threats (APTs).

Calico Egress Gateway: Universal Firewall Integration for Kubernetes

New applications and workloads are constantly being added to Kubernetes clusters. Those same apps need to securely communicate with resources outside the cluster behind a firewall or other control point. Firewalls require a consistent IP, but routable IPs are a limited resource that can be quickly depleted if applied to every service.

Network Security for D2iQ Konvoy

By default, pods are non-isolated; they accept traffic from any source. The D2iQ Konvoy solution to this security concern is Network Security Policy that lets developers control network access to their services. D2iQ Konvoy comes preconfigured with Network Security Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network policy and a live demo implementing each use case.

How to Implement Network Policy in Google GKE to Secure Your Cluster

By default, pods are non-isolated; they accept traffic from any source. The Google GKE solution to this security concern is Network Security Policy that lets developers control network access to their services. Google GKE comes configured with Network Security Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network security policy and a live demo implementing each use case.