Tigera, the creator of Project Calico, has announced a new solution to secure AI workloads running in Kubernetes clusters. Due to the resource-intensive and bursty nature of AI workloads, Kubernetes has become the de facto orchestrator for deploying them. Calico’s robust egress security controls, which include network policies, network sets, and DNS policies, ensure that the communication between the pods and external sources is trusted and secure. This prevents data exfiltration and safeguards model integrity. Calico’s egress gateway also creates a secure, centralized exit point for AI workloads, routing outbound traffic through dedicated gateway pods that can be monitored, logged, and controlled with fine-grained policies – eliminating direct pod access to external services. During model training, pods communicate laterally with other pods to exchange, analyze and refine training data before writing the trained model back to storage. This pod-to-pod communication, by default, is unsecured and can be exploited by attackers to move laterally within the cluster to more sensitive assets. Calico’s ingress gateway enforces policies to ensure that trusted users and applications can access the model. Calico’s ingress WAF inspects incoming HTTP traffic to detect and block attacks listed in OWASP. This prevents attacks such as SQL injection and cache poisoning. Calico’s egress controls, combined with DNS network policies, provide granular protection for these assets by controlling what each service can communicate with. This prevents data exfiltration and safeguards model integrity. Calico’s cluster mesh feature supports unified policy management across distributed AI environments. Organizations can isolate training, inference, and production workloads while maintaining consistent security policies across clusters. Calico also provides detailed flow logs, DNS logging, and visual service graphs to help teams understand AI service interactions and identify misconfigurations. These capabilities support compliance auditing and incident response with forensic-level detail.