Tigera, the inventor and maintainer of Project Calico, has announced a pay-as-you-go software as a service (SaaS) for Kubernetes security and observability. With Calico Cloud, users only pay for services consumed and are billed monthly, getting immediate value without upfront investment.

Calico Cloud gives DevOps, DevSecOps, and Site Reliability Engineering (SRE) teams a single pane of glass across multi-cluster and multi-cloud Kubernetes environments to deploy a standard set of egress access controls, enforce security policies for compliance, and observe and troubleshoot applications.

Calico Cloud includes Egress Access Controls to limit access to and from external endpoints on a “per-pod” basis including access to microservices, cloud databases, cloud services, APIs, and legacy applications, and East-West Security Controls to limit the blast radius when a security breach results in an APT (advanced persistent threat).

According to the company, Calico Cloud’s “defense-in-depth” approach provides protection on three levels: host, container/VM, and application, and can perform micro-segmentation for both container and VM (virtual machine) workloads.

Moreover, Calico Cloud encrypts data-in-transit, and provides intrusion detection with threat feeds of bad actors and known attacks. Using machine learning, CalicoCloud detects anomalies and generates policy recommendations that can be applied in milliseconds to remedy and prevent future attacks.

Calico Cloud is now available in two service offerings: A Starter subscription that is priced at $0.05 per node hour or $350 per node annually; and a Pro subscription priced at $0.08 per node hour or $561 per node annually.