Fine-grained security policies & controls

Application-layer authorization

Banyan enforces fine-grained, access control at the request & resource level for Layer-7 protocols (e.g, HTTP, MySQL, Kafka).

Network-level mechanisms using IP adress and port only provide coarse-grained reachability guarantees which are inadequate to protect microservices.

Banyan's real-time event logs capture unauthorized accesses for audit and forensics.

Transparent TLS encryption

Banyan enables end-to-end, mutually-authenticated TLS encryption between microservices where needed, without any changes to code or infrastructure.

Banyan automatically manages certificates and keys in multi-cloud environments.

Banyan helps organizations achieve compliance related to data-in-motion encryption.

Identity-based segmentation

Banyan automatically assigns cryptographic identities to every workload in your environment for isolating applications.

These unique, service-level identities enable cross-cloud and cross-cluster interoperability.

Banyan's powerful attribute and role-based access control policies allow simple configuration at the microservice-level.

Real-time visibility at the application level

Real-time security events

Banyan captures and analyzes policy violations such as unauthorized accesses at the microservice-level in real-time.

Banyan also provides real-time and historical events data to better understand access patterns and detect anomolous behavior.

Banyan's data feeds can be easily integrated with Security Information and Event Management systems like Splunk and ArcSight.

Network flow visibility refined to the application resource and process level

Look beyond just hosts and containers. Banyan employs sophisticated layer-7 protocol parsing and stream analytics to understand your services, applications and their interactions.

Banyan's powerful Network Map understands flows between services down to application resources and processes/containers. Our intuitive Search and Filter capability allows you to visualize even the most complex communication patterns.

Use network flow analytics to create a security baseline and develop strong security policies.

Security that empowers every team


Banyan is designed for container orchestration platforms (e.g., Swarm, Kubernetes, Mesos) and configuration managers (e.g., Chef, Puppet)

DevOps teams can roll out comprehensive security without orchestrating disparate solutions, managing security appliances or mandating code changes.


Banyan has been custom built to defend against the new dynamic attack surface created by microservices, containers, and multi-clouds.

Security teams can easily secure microservice-based applications continuously deployed across single, multi- or hybrid- cloud environments.


Banyan makes security easy for developers - no SDKs to mange, no heavy security processes to conform, no unnecessary slow down.

Developers can also leverage the real-time network flow visibility graphs and application-level statistics to troubleshoot their distributed apps.

Works across a wide variety of environments ...