Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Comparing NGFW container firewalls with Calico container firewall

In my previous blog post, I touched upon some challenges with how NGFW container firewalls are built and how it takes a team of firewall specialists to deploy, configure and maintain the firewall platform. In this blog I will illustrate the challenges in detail and demonstrate the simplicity of the Calico container firewall platform.

Container Security with Calico: Detect and Respond to Container Attacks with Network Anomaly Detection

Considering the vast attack surface and flat network architecture, Kubernetes workloads are particularly susceptible to network-based threats. While following best practices like workload access controls, workload-centric IDS/IPS, and WAF can help prevent and block attacks, anomaly detection has become crucial in today’s IT landscape to proactively anticipate security threats.

New in Calico Cloud: Continuously scan workloads in Kubernetes clusters to detect newly discovered CVEs

The timeline of an application can be broadly described in 3 phases: Thus, runtime security in the context of a cloud-native container environment broadly refers to the tools and processes leveraged to protect the operation of running containers in production.

What you can't do with Kubernetes network policies (unless you use Calico): Node Specific Policies

In my previous blog post, What you can’t do with Kubernetes network policies (unless you use Calico): TLS Encryption, I talked about use case number two from the list of 9 things you cannot implement using basic Kubernetes network policy—anything TLS related. In this blog post, we’ll be focusing on use case number three: node specific policies.

Detecting Network-Based Anomalies with Calico

In the vast digital landscape, the flow of data across networks is akin to water coursing through a city’s plumbing system. Just as impurities in water can signal potential issues, deviations in network traffic, termed as network inserted anomalies, can hint at cyber threats. These anomalies range from overt signs like unauthorized access attempts to subtler indicators like unusual data transfer patterns.

Implement NIST cybersecurity framework with Calico to reduce security risks in Kubernetes environments

According to the CNCF annual survey released in 2022, 96% of organizations are using or evaluating Kubernetes as a platform for their containerized workloads. Containerization has gained popularity as it fosters DevOps culture and provides the agility and flexibility required for faster software release cycles. Kubernetes has crossed the “adoption chasm” to become a mainstream global technology, emerging as the operating system for the cloud.

Bolster Amazon EKS security with Calico's image assurance capability

The integration of cloud-native technologies like Kubernetes with public cloud platforms like Amazon EKS has ushered in a new era of scalable and efficient application deployments. However, this combination brings forth unique security challenges, especially concerning container images. Enter Calico Cloud’s Image Assurance – a comprehensive tool designed to bolster the security of your containerized applications on Amazon EKS.

The easiest ways to create, test and deploy security policies for EKS clusters

Amazon’s Elastic Kubernetes Service (EKS) is a popular managed Kubernetes option that allows customers to benefit from both an offloaded Kubernetes management plane, and the wide range of services that AWS offers. Managed or unmanaged, securing cluster traffic is always critical and, although AWS Security Groups can secure the cluster nodes, securing pod traffic requires something closer to the application data-path.

Runtime security for containers: Detect threats by identifying anomalies in container behavior

Securing your Kubernetes environment and workloads is paramount in today’s digital landscape. Calico is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico prevents, detects, troubleshoots, and automatically mitigates exposure risks of security breaches across multi-cluster, multi-cloud, and hybrid deployments.