The San Jose company quietly responsible for keeping a million Kubernetes clusters from leaking - every day, before lunch.
Somewhere right now, a Kubernetes pod is starting up. It will, within milliseconds, ask the network if it is allowed to exist. The answer almost certainly comes from Tigera - and most engineers have no idea they're depending on a 130-person company in San Jose to say yes.
Tigera is the creator of Calico, the open-source networking and security project that has become, by quiet consensus, the default plumbing of the cloud-native world. If you've used a managed Kubernetes service - on AWS, Azure, Google, Red Hat, or any of the dozen smaller platforms - you have almost certainly run their code. You may not have asked it to be there. It was there anyway.
The company sells two commercial products on top of that open-source base. Calico Cloud is a SaaS platform that handles runtime security, microsegmentation, and observability. Calico Enterprise is the self-managed sibling for organizations that, for reasons both regulatory and superstitious, prefer their security tools to live on their own infrastructure. Both are aimed at the awkward, growing middle of cloud-native: companies that have a hundred clusters, three thousand engineers, and exactly zero patience for a breach.
In 2016, Kubernetes was an interesting bet, not yet a default. The interesting bet had a quiet problem: containers had outgrown their network. The old security model - a firewall at the perimeter, a few VLANs, an annual audit - assumed servers were stable, addresses were stable, and you knew where everything lived. Containers broke all three assumptions before breakfast.
Most of the industry's response was to layer in more tools. Service meshes, sidecars, agents, agents on top of agents. Tigera's founders looked at the same problem and made a different bet: that the network itself should know who is allowed to talk to whom, that the policy should travel with the workload, and that the answer should be simple enough to run open source.
Treat the cluster network as a programmable, policy-aware surface - not a thing to wrap in firewalls.
Filed under: things that sound obvious now and didn't in 2016.
Tigera was founded in 2016 by Alex Pollitt, Andrew Randall, and Christopher Liljenstolpe - the engineering core of what was then Project Calico, an open-source networking effort. They had a hypothesis and a Series A. The hypothesis: large enterprises would eventually need to secure containerized workloads with the same rigor they applied to data centers, and they would prefer to do it without rewriting everything. The Series A: $13 million, led by NEA and Wing Venture Capital.
Two years later, they raised $30 million more in a Series B led by Insight Partners. By then the bet was looking less like a bet. Calico had become the most widely adopted Kubernetes CNI on the market. CEO Ratan Tipirneni, a Cisco and Actifio veteran, joined to scale the business side without breaking the engineering side - a transition that, judging from the customer list, more or less worked.
Calico Open Source is the free, public, and slightly intimidating layer. It handles container networking, IP address management, and the basic policy enforcement that decides which pod can call which pod. It is, in a phrase, the part you find on GitHub.
Calico Cloud is the part you find on an expense report. It adds active runtime security - the ability to spot a process behaving badly and stop it - alongside vulnerability management, microsegmentation policy authoring, and observability tools that turn the cluster from a swarm of opaque containers into something a human can actually read. Calico Enterprise is the same idea, just delivered as software you run yourself, for the customers whose compliance teams have feelings about SaaS.
The newer addition, launched as a positioning push in early 2026, is Agent Governance: tooling for the new generation of AI workloads and autonomous agents that increasingly live in Kubernetes. The pitch is straightforward. AI agents need permission to act. Tigera knows how to write permission systems for things that move quickly and shouldn't.
It's one thing to claim ubiquity. It's another to publish a customer list that reads like a small country's GDP. Tigera's includes Box, NVIDIA, RBC, Fiserv, Siemens Healthineers, GoDaddy, Marsh & McLennan, Upwork, NBC Universal, FM Global, and Berenberg, among others. Most of these companies do not advertise their security vendors. Calico shows up anyway, which tells you something about how the tool is regarded internally.
Partnerships fill in the rest of the picture. Tigera works closely with AWS, Microsoft, Google Cloud, Red Hat, Mirantis, SUSE, and Fortinet - the kind of partner list a company assembles when it has become a category rather than a vendor. Calico's policy model also helped shape the Kubernetes NetworkPolicy API itself, which is the cloud-native equivalent of writing the dictionary the rest of the language uses.
Tigera's stated mission is to make Kubernetes the most secure infrastructure on the planet. It's a tall claim, but it has the virtue of being checkable. Either the breach rate of Calico-protected clusters comes down, or it doesn't. The company has spent nine years working on the first option.
The deeper bet is philosophical. Security, in Tigera's worldview, is not a product you bolt on. It's a property of the system - something the network knows and enforces without asking. That belief is why the company invested so heavily in open source in the first place, and why it has stayed disciplined about which features go into Calico and which become commercial.
The folklore version: cats are hard to herd. Containers are harder. The name is a wink at the chaos of trying to enforce order on a thousand small, fast-moving, slightly feral workloads. It is, perhaps, the most accurate metaphor in cloud-native.
Branding by people who've actually run a production cluster at 2 a.m.
The shape of the next decade in software is being settled now, and most of it will run on Kubernetes. AI agents will need somewhere to live. Inference workloads will need somewhere to scale. Regulatory frameworks - the EU AI Act, the SEC's cyber rules, the ten new ones being drafted while you read this - will need somewhere to land. All three roads lead through the same infrastructure layer, and most of that layer already runs Calico.
Tigera's positioning around AI workload governance is, in that light, less a pivot than a tax collection. The company already operates the rails. Charging for the new traffic that runs over them is the polite, obvious move. Whether they win the AI security category outright depends on the next two product cycles. Whether they remain the default networking layer for cloud-native is, at this point, a settled question.
Somewhere right now, a Kubernetes pod is starting up. It asks the network if it is allowed to exist. The answer comes back in milliseconds: yes, here is your address, here are the three services you may call, here is the audit log of every byte you send. The pod gets on with its life. The engineer who deployed it gets on with theirs. The company they work for goes through another quarter without a breach. Somewhere in San Jose, 130 people built that interaction. Most of them have already moved on to the next problem.