Isovalent Enterprise for Tetragon Released
November 02, 2023

Isovalent announced the general availability of Isovalent Enterprise for Tetragon, extending the existing open source Cilium Tetragon project that provides kernel-level programmability for runtime Kubernetes security use cases.

Cilium Tetragon, the open source project within the Cloud Native Computing Foundation (CNCF) and sub-project of Cilium, has reached a significant milestone with the OSS 1.0 release. Just like Cilium gave platform teams a standard interface and greatly evolved performance in Kubernetes networking, Tetragon harnesses the power of eBPF to define how security and operations teams instrument Kubernetes runtime security--with lower overhead, higher performance, and a richer stream of data closer to the kernel and beyond the limited telemetry purview of security scanners.

Tetragon is an eBPF-based security observability and runtime enforcement platform designed to give security and operations teams richer telemetry data for runtime security, while eliminating the performance overhead of proprietary security vendors' agents. Isovalent extends the open source project with enterprise features that further security teams visibility into L7 networking events (HTTP, DNS, TLS/SSL handshake analysis), granular control over Tetragon security policies and workflows, improved in-kernel smart collection for lower CPU & memory overhead, and more. In benchmarking comparisons, Tetragon's kernel-based runtime telemetry collection resulted in near baseline overhead and minimal resource utilization across core security and observability use cases, read the benchmarking results and more.

Tetragon is built around eBPF and in-kernel filtering and aggregation logic, providing deep visibility without traditional agents or application changes. It gives platform and security teams a powerful observability layer that can introspect the entire system ranging from low-level kernel visibility to track file accesses, network activity, or capability changes, all the way up into the application layers covering aspects such as function calls into vulnerable libraries, tracing process execution, or understanding HTTP requests made.

Tetragon is able to enforce security policies across the operating system in a real time preventive manner instead of reacting to events asynchronously. Tetragon has the ability to specify allow lists for access control at several layers. Security policies can be injected via Kubernetes (CRDs), a JSON API, or systems such as Open Policy Agent (OPA).

"As Cilium standardized the Kubernetes networking experience across cloud providers and infrastructure, with Tetragon we're seeking to give platform and security teams the same experience for runtime security," said Thomas Graf, Cilium Creator and CTO and co-founder at Isovalent. "And by bringing Kubernetes security observability and enforcement closer to the kernel, we're giving you deeper visibility and control combined with incredible performance gains compared to existing technologies."

With Tetragon, every file, system interaction, network interaction, escalation of privileges, every process ever executed or network port opened is observable to security teams. This degree of granularity made possible by the eBPF and Cilium-based close-to-the-kernel lineage gives platform teams the right combination of extracting only what they need, while defining filters and aggregations based on high level signals.

With its origins as a security primitive inside of Cilium, Tetragon also gives platform teams the advantage of combining network and runtime visibility. By using Cilium as the networking layer to connect workloads across cloud, on-prem and edge, and deploying Tetragon for runtime security--platform teams get a single Kubernetes-optimized operating model for their entire infrastructure, complete with a distributed firewall.

Share this

Industry News

November 25, 2024

Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.

November 25, 2024

Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.

November 25, 2024

Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).

November 21, 2024

Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.

November 21, 2024

Securiti announced a new solution - Security for AI Copilots in SaaS apps.

November 20, 2024

Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.

November 20, 2024

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced significant momentum around cloud native training and certifications with the addition of three new project-centric certifications and a series of new Platform Engineering-specific certifications:

November 20, 2024

Red Hat announced the latest version of Red Hat OpenShift AI, its artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across the hybrid cloud.

November 20, 2024

Salesforce announced agentic lifecycle management tools to automate Agentforce testing, prototype agents in secure Sandbox environments, and transparently manage usage at scale.

November 19, 2024

OpenText™ unveiled Cloud Editions (CE) 24.4, presenting a suite of transformative advancements in Business Cloud, AI, and Technology to empower the future of AI-driven knowledge work.

November 19, 2024

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade developer portal based on the Backstage project.

November 19, 2024

Pegasystems announced the availability of new AI-driven legacy discovery capabilities in Pega GenAI Blueprint™ to accelerate the daunting task of modernizing legacy systems that hold organizations back.

November 19, 2024

Tricentis launched enhanced cloud capabilities for its flagship solution, Tricentis Tosca, bringing enterprise-ready end-to-end test automation to the cloud.