Threat defense

Use real-time monitoring to detect and block threats to your cluster.

Security event management

Get alerts on threats in a single dashboard.

Trace and alert on suspicious domains

Add threat intelligence feeds to trace DNS queries that involve suspicious domains.

Trace and block suspicious IPs

Add threat intelligence feeds to trace network flows of suspicious IP addresses, and optionally block traffic to them.

Workload-based Web Application Firewall (WAF)

Configure Calico to use with Layer 7 Web Application Firewall.

Configuring security event alerts in Slack and Jira

Get security event alerts in Slack or Jira.

Deep packet inspection

Monitor live traffic for malicious activities.

Anonymization attacks

Detect and analyze malicious anonymization activity using Tor-VPN feeds.