New Tigera solution protects AI workloads from data ingestion to deployment

Tigera announced a new solution to secure AI workloads running in Kubernetes clusters. Because AI workloads are resource-intensive and bursty, Kubernetes has become the de facto orchestrator for deploying them. However, AI workloads introduce security challenges throughout the data ingestion and preparation, model training, and deployment stages.

Calico is purpose-built to protect mission-critical AI workloads at every stage. The platform provides a set of features enabling organizations to scale their AI initiatives with confidence.

Egress security to protect data ingestion and preparation

Pods that reach out to external data and model repositories are exposed to data exfiltration: with unrestricted egress, a compromised pod can send data to any host, not just the intended repository. Calico’s egress security controls, which include network policies, network sets, and DNS policies, restrict pod communication to trusted and secure external sources. This prevents data exfiltration and safeguards model integrity.

Calico’s egress gateway also creates a secure, centralized exit point for AI workloads, routing outbound traffic through dedicated gateway pods that can be monitored, logged, and controlled with fine-grained policies, eliminating direct pod access to external services.
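As an added example (not from Tigera’s announcement), the following Calico manifests pin an ingestion pod’s egress to the in-cluster DNS server, an approved object-storage range expressed as a network set, and one model hub expressed as a DNS policy, and drop everything else. The namespace, labels, IP range and domains are assumptions chosen for illustration; the `domains` field in a rule is a Calico Enterprise/Cloud feature, so check your edition before relying on it.

```yaml
# Added example: egress allow-list for a dataset-loading pod.
# All names, labels, addresses and domains below are assumed.
apiVersion: projectcalico.org/v3
kind: NetworkSet
metadata:
  name: approved-object-storage
  namespace: ai-ingest
  labels:
    role: approved-egress
spec:
  nets:
    - 198.51.100.0/24   # assumed on-prem object storage range (documentation prefix)
---
apiVersion: projectcalico.org/v3
kind: NetworkPolicy
metadata:
  name: ingest-egress-allowlist
  namespace: ai-ingest
spec:
  order: 100
  selector: app == 'dataset-loader'
  types:
    - Egress
  egress:
    # Name resolution only via kube-dns; the domain rule below depends on it.
    - action: Allow
      protocol: UDP
      destination:
        namespaceSelector: kubernetes.io/metadata.name == 'kube-system'
        selector: k8s-app == 'kube-dns'
        ports: [53]
    # Approved storage, matched through the NetworkSet's label.
    - action: Allow
      protocol: TCP
      destination:
        selector: role == 'approved-egress'
        ports: [443]
    # DNS policy: only the named model hub (Calico Enterprise/Cloud field).
    - action: Allow
      protocol: TCP
      destination:
        domains:
          - huggingface.co
          - '*.huggingface.co'
        ports: [443]
    # Anything else, including an attacker-controlled host, is dropped.
    - action: Deny
```

The explicit trailing Deny is redundant with Calico’s behaviour when a policy selects a pod and no rule matches, but it makes the intent visible in the manifest and gives the flow logs an obvious rule to attribute blocked connections to.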

Zero-trust microsegmentation to protect the model training stage

During model training, pods communicate laterally with other pods to exchange, analyze and refine training data before writing the trained model back to storage. Kubernetes permits all pod-to-pod traffic by default, so this communication is unsecured and can be exploited by attackers to move laterally within the cluster to more sensitive assets.

Calico enforces granular network policies, including staged policies for testing and governance, to enable zero-trust microsegmentation to protect sensitive data sets and ensure access is limited to authorized resources, even in multi-tenant environments.
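As an added example (not Tigera’s own code), the manifests below stage a namespace-wide default deny so that its effect can be reviewed in flow logs before enforcement, and then enforce a narrow allow that lets trainer pods of one job talk to each other and to a model store. Namespace, labels and ports are assumptions; `StagedNetworkPolicy` is a Calico Enterprise/Cloud resource, so verify it is available in your edition.

```yaml
# Added example: staged default deny plus an enforced allow for one training job.
# Namespace, labels and port numbers are assumed, not taken from the announcement.
apiVersion: projectcalico.org/v3
kind: StagedNetworkPolicy
metadata:
  name: default-deny
  namespace: ai-training
spec:
  order: 1000          # evaluated last, after every enforced allow
  selector: all()
  types:
    - Ingress
    - Egress           # no rules: everything is denied once promoted
---
apiVersion: projectcalico.org/v3
kind: NetworkPolicy
metadata:
  name: allow-training-workers
  namespace: ai-training
spec:
  order: 200
  selector: role == 'trainer' && job == 'llm-finetune'
  types:
    - Ingress
    - Egress
  ingress:
    # Collective communication only from peers of the same job (assumed port range).
    - action: Allow
      protocol: TCP
      source:
        selector: role == 'trainer' && job == 'llm-finetune'
      destination:
        ports: [29500, "30000:30100"]
  egress:
    - action: Allow
      protocol: UDP
      destination:
        namespaceSelector: kubernetes.io/metadata.name == 'kube-system'
        selector: k8s-app == 'kube-dns'
        ports: [53]
    - action: Allow
      protocol: TCP
      destination:
        selector: role == 'trainer' && job == 'llm-finetune'
        ports: [29500, "30000:30100"]
    # Write the trained model back to an assumed model store in another namespace.
    - action: Allow
      protocol: TCP
      destination:
        namespaceSelector: kubernetes.io/metadata.name == 'ai-storage'
        selector: app == 'model-store'
        ports: [9000]
```

Promote the staged policy to an enforced `NetworkPolicy` only after the flow logs show no legitimate training or checkpoint traffic would be blocked by it.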

Ingress controls and WAF to protect access to AI endpoints

Once a model is deployed, the inference pods receive requests from users and other applications. This ingress traffic presents a security risk. Calico’s ingress gateway enforces policies so that only trusted users and applications can reach the model. Calico’s ingress WAF inspects incoming HTTP traffic to detect and block attack classes catalogued by OWASP, such as SQL injection and cache poisoning.

Egress controls for protecting intellectual property

Models and training data represent some of the most valuable assets in modern enterprises. Calico’s egress controls, combined with DNS network policies, provide granular protection for these assets by controlling what each service can communicate with. This prevents data exfiltration and safeguards model integrity.

Unified policy management across distributed AI clusters

Most enterprise AI deployments span multiple clusters, from dedicated training environments to optimized inference clusters and integrated production systems.

Calico’s cluster mesh feature supports unified policy management across distributed AI environments. Organizations can isolate training, inference, and production workloads while maintaining consistent security policies across clusters.

AI-centric observability and compliance controls

Calico also provides detailed flow logs, DNS logging, and visual service graphs to help teams understand AI service interactions and identify misconfigurations. These capabilities support compliance auditing and incident response with forensic-level detail.

“As AI adoption accelerates, organizations need security solutions that are as dynamic and scalable as the workloads they protect,” said Phil DiCorpo, Senior Director of Product Management at Tigera. “Calico empowers platform and security teams to confidently secure AI workloads without compromising agility or performance.”
