Tigera provides secure networking and comprehensive protection for containers and Kubernetes. Pulse 2.0 interviewed Tigera’s President and CEO, Ratan Tipirneni, to learn more.
Ratan Tipirneni’s Background
Pulse 2.0 (Amit Chowdhry): “Can you tell us about your background?”
Ratan Tipirneni (Tigera): “Thanks for having me, Amit. I am an entrepreneurial executive with extensive experience incubating, building, and scaling software businesses. Currently, I’m the President and CEO at Tigera, the provider of the industry’s only container security platform with built-in network security, and the creator of Project Calico, the most adopted technology for container networking and security.”
“At Tigera, I lead the definition and execution of our global strategy, product vision, and business development. Our company’s software powers more than 100 million containers across 8M+ nodes in 166 countries and is supported across all major cloud providers and Kubernetes distributions.
Before joining Tigera, I spent several years in cloud leadership roles at Actifio and Cisco, establishing partnerships, leading go-to-market, and building world-class teams.”
Formation Of Tigera
Pulse 2.0 (Amit Chowdhry): “How did the idea for Tigera originate?”
Ratan Tipirneni (Tigera): “Tigera’s story began six years ago with Project Calico, an open-source container networking and security project with an active development and user community. Calico Open Source was born out of this project and has grown to be the most widely adopted solution for networking and security for containers and Kubernetes.”
“As the adoption of containers and Kubernetes grew and organizations started using Kubernetes at scale, they began to encounter more advanced requirements for security and observability. Tigera responded to this need by building upon Calico Open Source to create Calico Cloud, the industry’s only container security platform with built-in network security, and Calico Enterprise, which provides high-availability networking and simplified network security for cloud-native applications. Tigera was founded by the original Project Calico engineering team. We remain committed to maintaining Calico Open Source as the leading standard for container and Kubernetes networking and security, while also offering comprehensive container security with built-in networking security through our commercial products.
Core Products
Pulse 2.0 (Amit Chowdhry): “What are Tigera’s core products and features?”
Ratan Tipirneni (Tigera): “Tigera provides secure networking and comprehensive protection for containers and Kubernetes. Tigera’s Calico Cloud is the industry’s only container security platform with built-in network security to prevent, detect, and mitigate security breaches. Our self-managed service offering, Calico Enterprise, provides high-availability networking and simplified network security for cloud-native applications. Our open-source offering, Calico Open Source, is the most widely adopted container networking and security solution.”
“Calico Cloud is the only container security platform with built-in network security to reduce attack surfaces, harness machine learning to combat runtime security risks from known and zero-day threats, enable continuous compliance, and prioritize and mitigate risks from vulnerabilities through continuous security policy recommendations. The foundational container security features available in Calico Cloud include:
— Workload Security posture management – Users can scan images and configure the admissions controller to block the deployment of vulnerable images. Platform engineers can harden their Kubernetes configuration using CIS benchmarks and improve the security posture of their workloads with data-in-transit encryption, micro-segmentation, egress access controls and integration with firewalls.
— Runtime workload protection – Protect workloads from known attackers with capabilities such as workload-based IDS/IPS, WAF, DDoS protection and malware detection using file hashes.
— Runtime threat detection – Out-of-the-box detector to detect container and network-based attacks based on granular container and network activity.
— Observability and incident response – Users can use the Dynamic Service and Threat Graph to monitor vulnerabilities and get alerted when attacked as well as deploy risk mitigation controls to reduce the risk.”
“Due to the transient, elastic and distributed nature of containerized applications running in Kubernetes clusters, most security teams do not have a comprehensive view of security risks. Comprehensive risk assessment requires visibility into vulnerabilities, misconfigurations and network exposure.
Calico Cloud has elevated its capabilities to address this, providing Security Score and Recommended Actions for cloud-native applications. This feature gives administrators and security teams the most comprehensive, quantified view of their application’s overall security posture, leveraging risks associated with vulnerabilities, misconfigurations, lack of egress access and application isolation controls, including preceding trends and context, to help understand how the security score is behaving over time.”
“Tigera continues to set the standard for container security. We recently achieved Amazon Web Services (AWS) Security Competency status, a designation that recognizes the security capabilities of Tigera’s Calico Cloud platform in helping customers secure their AWS workloads and achieve their cloud security goals.”
Differentiation From The Competition
Pulse 2.0 (Amit Chowdhry): “What differentiates Tigera from its competition?”
Ratan Tipirneni (Tigera): “Tigera provides secure networking and comprehensive protection for containers, and offers the only container security platform with built-in network security. Unlike competing solutions that are focused on detection and alerting, Tigera’s solution not only detects but also prevents attacks by reducing the attack surface, and mitigates the risks of exposure in case of a breach – thereby safeguarding sensitive data.”
“The manual approach of legacy security tools was never a viable solution to the ballooning threats organizations face today. A key tool in Tigera’s security arsenal is Calico Runtime Threat Defense, which brings the intelligence, automation, and continuous protection that security teams need to level the digital playing field and ensure a defensive posture that prevents breaches effectively and efficiently. Unlike traditional runtime threat detection platforms, Calico Runtime Threat Defense for containers and Kubernetes continuously monitors and analyzes network and container behavior for Indicators of Attack (IOA) without the need for writing complex rules, freeing up valuable resources that would otherwise be spent on writing and maintaining security rules. Calico’s global threat intelligence feed integrates with AlienVault and other threat intelligence providers to alert and block attacks from known malicious actors. This fully automated approach, which combines signature and behavior-based techniques to detect container and network-based attacks, is also more accurate and reliable than manual rule-based systems.”
“While most solutions are plagued with hard-to-trace false alarms, Calico’s real-time alerts provide rich context for the potential threat along with suggested mitigation steps. These steps include policy recommendations, such as quarantining the infected pod, that are particularly useful for organizations that need more resources to independently interpret security data. Through clear and actionable guidance, Calico Runtime Threat Defense helps organizations respond to security threats in a timely and effective manner.”
“Calico also offers continuous and granular security policy recommendations to improve security at the pod level. Policy development requires an advanced understanding of microservices that are interacting with and depending on each other, microservices with vulnerabilities, those that need to communicate outside the cluster, and those that are accessing sensitive data. The Security Policy Recommender empowers organizations that lack the expertise to build granular policies by accounting for this information to help users avoid outages and increased vulnerabilities during policy development.”
“Calico’s Security Policy Recommender recommends policies at the namespace level in addition to policies at the pod level, which benefits users interested in multi-tenant architectures and workload isolation by enabling them to implement microsegmentation without any detailed knowledge of application-level changes. Overall, this capability increases team productivity by enabling users – no matter their expertise – to take advantage of automated policies to improve the security posture of their Kubernetes clusters.”
Customer Success Stories
Pulse 2.0 (Amit Chowdhry): “Can you share a specific customer success story?”
Ratan Tipirneni (Tigera): “At Tigera, we have an unwavering commitment to our customers and their continued growth and success. We recently worked with Mulligan Funding and Aldagi who deployed Calico software to achieve their unique business goals.”
“To streamline its loan-offering services and allow online loan checkouts for its customers, Mulligan Funding, a leading provider of business loans for small and medium-sized businesses, introduced a microservices-based, cloud SaaS platform. Because of the sensitive personal and financial data the SaaS platform would handle, the communications to and from the application needed to be secure and SOC 2 compliant. To accomplish this, Mulligan Funding standardized on Microsoft Azure Kubernetes Service (AKS) and Calico Cloud for security and compliance. Deploying Calico Cloud enabled Mulligan Funding to achieve SOC 2 compliance, ensuring the trust and protection of customers’ financial data without compromising speed, innovation, or user experience.”
“Aldagi, Georgia’s largest private insurance provider, selected and deployed Calico Enterprise to gain visibility of and control over confidential data, deploy granular egress access controls at the pod level, and achieve EU GDPR compliance.”
Total Addressable Market
Pulse 2.0 (Amit Chowdhry): “What is the total addressable market (TAM)? ”
Ratan Tipirneni (Tigera): “Tigera is pursuing the cloud-native application security market which according to research and markets report was $7.3 billion in 2022 and expected to grow to $19.3 billion in 2027.”
Future Company Goals
Pulse 2.0 (Amit Chowdhry): “What are some of Tigera’s future company goals?”
Ratan Tipirneni (Tigera): “Tigera is committed to meeting the new and ongoing needs of today’s DevOps teams and security decision-makers. Tigera recently polled more than 1,200 Calico Open Source global users to learn their top container networking and security priorities in 2023. The survey revealed workload access policies that limit pod-to-pod communication as the most popular type of security policy that Calico users deploy (61%), followed by policies for secure egress access (41%), microsegmentation (24%), and compliance (8%). Our users understand the criticality of robust workload-centric network security for Kubernetes workloads, and in the coming year, we will continue to ensure that Tigera’s solutions meet their evolving needs.”