StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.
Tigera announced the General Availability (GA) of its new container security features, including malware protection during runtime, Image Assurance with container image scanning, runtime visibility of vulnerable workloads and admission control policies.
With the availability of these features in Calico Cloud, customers have a single container security solution to improve security posture, reduce attack surface with fine-grained security controls, and provide threat defense from network and host based threats. By identifying potential vulnerabilities in the build phase of the CI/CD pipeline, users can ultimately leverage a shift-left approach to security.
The new container security features available in Calico Cloud include:
- Image scanning – Cloud-native application developers need access to safe and secure container images to build applications. Calico Cloud allows users to scan container images locally when needed, and export the results to share with stakeholders to improve their security posture. DevOps teams can utilize this approach to integrate the scanner utility in their CI/CD pipeline for a streamlined security operation model. Users can now get a detailed view of vulnerabilities in build images, providing a first line of defense against bad actors.
- Vulnerability management with automatic blocking of failed images – Customers can achieve high compliance standards and reduce the risk of deploying vulnerable images with admission policy controls that automatically block the deployment of failed images within their CI/CD pipeline.
- Visibility into high-risk workloads running in the environment – Teams can now prioritize remediation plans for existing workloads using a runtime view of high-risk workloads correlating with the image scan results. Using Calico's security policies, these workloads can be isolated from the rest of the application giving development teams more time to fix the issues, thereby alleviating their burden.
- Runtime threat defense from network and host-based threats – Calico Cloud offers runtime threat defense with malware protection and anomaly detection to protect containers and workloads from unknown threats and zero-day attacks. Calico's malware detection engine uses a combination of machine learning and proprietary rulesets to identify suspicious activity in containers and workloads. Users can quickly build a security policy to quarantine and isolate the affected workload while developers work on mitigating the security issue. These new capabilities enhance Calico's robust runtime threat defense features such as Intrusion Detection and Prevention (IDS/IPS), DDoS protection and workload-centric web application firewall (WAF)
"We are pleased to offer the only solution that takes an active approach to container security with a focus on prevention and risk mitigation throughout the application lifecycle, from development through production," said Ratan Tipirneni, President and CEO of Tigera. "Unlike competing solutions, which are reactive and focused on vulnerability detection, threat detection and alerting, Tigera's solution does not just identify vulnerabilities and threats. Instead, it actively prevents attacks and mitigates risk by applying a zero-trust security approach to reduce the attack surface and prevent the lateral movement of threats, thereby safeguarding sensitive data."
Calico Cloud provides a solution that helps prevent and detect threats and mitigate risk in containers and Kubernetes environments across build, deploy and runtime stages.
Industry News
Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.
Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.
AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.
Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.
Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.
Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.
Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.
Platform9 announced that Private Cloud Director Community Edition is generally available.
Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.
CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.