Tigera is a company that provides Calico, a unified network security and observability platform to prevent, detect, and mitigate security breaches in Kubernetes clusters. And the company is also the creator and maintainer of Calico Open Source, the most widely adopted container networking and security solution. Pulse 2.0 interviewed Tigera President and CEO Ratan Tipirneni to learn more about the company.
Ratan Tipirneni’s Background
What is Ratan Tipirneni’s background? Tipirneni said:
“I am an entrepreneurial executive with extensive experience incubating, building, and scaling software businesses. Currently, I’m the President & CEO at Tigera, the provider of secure networking and comprehensive protection for containers and Kubernetes, and the creator of Project Calico, the most adopted technology for container networking and security.”
“At Tigera, I lead the definition and execution of our global strategy, product vision, and business development.”
“Before joining Tigera, I spent several years in cloud leadership roles at Actifio and Cisco, establishing partnerships, leading go-to-market, and building world-class teams.”
Formation Of The Company
How did the idea for the company come together? Tipirneni shared:
“Tigera’s story began in 2016 with Project Calico, an open-source container networking and security project with an active development and user community. Calico Open Source was born out of this project and has grown to be the most widely adopted solution for networking and security for containers and Kubernetes.”
“As the adoption of containers and Kubernetes grew and organizations started using Kubernetes at scale, they began to encounter more advanced requirements for security and observability. As adoption of containers and Kubernetes grew and organizations started using Kubernetes at scale, they began to encounter more advanced requirements for security and observability. Tigera responded to this need by building upon Calico Open Source to provide a unified network security and observability platform to prevent, detect, and mitigate security breaches in Kubernetes clusters.”
“Tigera was founded by the original Project Calico engineering team. We are committed to maintaining Calico Open Source as the leading standard for container and Kubernetes networking and security, while also offering advanced capabilities through Calico commercial editions.”
Core Products
What are the company’s core products and features? Tipirneni explained:
“Tigera provides Calico, a unified network security and observability platform to prevent, detect and mitigate security breaches in Kubernetes clusters. The company is the creator and maintainer of Calico Open Source, the most widely used container networking and security solution. Calico is used by leading companies, including Discover, Chipotle, NBCUniversal, HanseMerkur, Box, Siemens Healthineers, Playtech, Royal Bank of Canada, and Bell Canada.provides secure networking and comprehensive protection for containers and Kubernetes. ”
“Powering more than 100 million containers across 8+ million nodes in 166 countries, Calico is supported across all major cloud providers and Kubernetes distributions, and is used by leading companies including Discover, Chipotle, NBCUniversal, HanseMerkur, Box, Siemens Healthineers, Playtech, Royal Bank of Canada, and Bell Canada.”
“With Calico, customers have a unified network security and observability platform to prevent, detect and mitigate security breaches in Kubernetes clusters. Calico is engineered to secure all types of network traffic including egress, ingress, in-cluster and cross-cluster. Calico offers centralized network security management across multiple Kubernetes distributions, for individual and multi-cluster deployments in the cloud or on premises. It facilitates seamless and consistent network policy enforcement, while empowering teams with observability and risk mitigation capabilities..”
“As organizations across nearly every industry and vertical rely on containerized applications and container orchestrators such as Kubernetes to run their business or deliver their products or services, security has become paramount. Further, with the rise in Artificial Intelligence (AI) applications and the infrastructure trend of migrating from virtual machines (VMs) to Kubernetes, network security has become critical. Calico includes essential capabilities for security teams as today, there is a critical need to simplify security monitoring. Security operations teams are overwhelmed with the number of security events and false positives, and need solutions that help them become more efficient and effective in their roles.”
“Tigera recently launched new features that advance Calico’s network security and runtime security capabilities. Tigera’s new updates to Calico extend its network security and visibility capabilities to virtual machines (VMs) and hosts, and provide the following enhancements for implementing network security: policy tiers and support for AdminNetwork and BaselineNetwork Policies, native support for nftables, and a new sidecar deployment for Envoy in Calico.”
“Tigera’s enhancements to Calico’s runtime security capabilities include: fine-tuned runtime threat detection for accuracy and efficiency–Calico allows administrators to select which types of detectors to enable in their cluster, enabling teams to phase their deployment and tune and customize threat detection; significant reduction of false positives; bolstered network-based threat detection; and insight into the exploitability of vulnerabilities to prioritize remediation.”
“With these new updates, Calico provides platform and security engineers with more control, visibility, and efficiency in securing and managing their Kubernetes and hybrid environments. Calico’s latest enhancements offer both flexibility for development teams and strict controls for platform and security teams.”
Customer Success Stories
Can you share any specific customer success stories? Tipirneni highlighted:
“Essentra is a global market leader in plastic injection molded, vinyl dip molded, and metal components. The company needed to migrate its e-commerce application from a VM on Microsoft Azure to Azure Kubernetes Service (AKS), and revisit its security approach in order to meet compliance requirements.”
“Essentra faced challenges including inadequate vulnerability management, a lack of network control and visibility, and an inability to assess application security posture in one place. Calico helped Essentra overcome its network control and visibility challenges, improve vulnerability management processes, and save time and money.”
“‘We have not had a single security incident in our environment since implementing Calico. It has helped to significantly reduce the number of attacks and enables us to resolve any issues that arise.’ —David Currey, Head of Site Security Central, Essentra.”
“All of our customer stories can be found here.”
Total Addressable Market
What total addressable market (TAM) size is the company pursuing? Tipirneni assessed:
“Tigera is pursuing the cloud-native application security market which according to research and markets report was $7.3 billion in 2022 and expected to grow to $19.3 billion in 2027.”
Differentiation From The Competition
What differentiates the company from its competition? Tipirneni affirmed:
“Calico’s ability to interconnect security risks is what differentiates it from the competition. Calico is a comprehensive platform that provides end-to-end security; it not only detects but also prevents breaches and mitigates the risk of exposure.”
“By understanding the relationships between services, you can better assess the potential blast radius of a given risk if left unmitigated.
– Understanding service interconnections: Each service in a Kubernetes cluster often interacts with others, forming a complex web of dependencies. These interconnections dictate how a risk in one service can propagate across the environment, potentially amplifying its impact.
– Associating security risks with services: To interconnect risks effectively, you must associate each type of risk with the specific services they affect at runtime. This runtime insight allows for a more accurate assessment of risk based on the actual architecture of your environment.
– Evaluating the blast radius: By understanding how services interact, you can predict which parts of your environment could be affected by a given threat, helping to prioritize your response.
By interconnecting services and their associated risks, you can move beyond isolated risk assessments to a holistic understanding of your environment’s security posture. Calico’s intimate knowledge of service-to-service communication enables the user to perform better risk assessment and enforce policies to reduce the risk of exposure.”
