Private Data Plane Security Levels

The following table outlines the private data plane security levels supported in Choreo:

Basic tier	Standard tier	Premium tier
Distributed denial-of-service (DDoS) protection basic *	Distributed denial-of-service (DDoS) protection basic *	Distributed denial-of-service (DDoS) protection premium *
Controlled admin access *	Controlled admin access *	Controlled admin access *
End-to-end data encryption in transit	End-to-end data encryption in transit	End-to-end data encryption in transit
Data encryption at rest *	Data encryption at rest *	Data encryption at rest *
Secret management	Secret management	Secret management
Foundational CSPM *	Foundational CSPM *	Premium CSPM *
Static application security testing (SAST)	Static application security testing (SAST)	Static application security testing (SAST)
Infrastructure as code (IaC) scanning	Infrastructure as code (IaC) scanning	Infrastructure as code (IaC) scanning
Software composition analysis	Software composition analysis	Software composition analysis
Docker image security scanning	Docker image security scanning	Docker image security scanning
N/A	Kubernetes runtime protection *	Kubernetes runtime protection *
N/A	Web application firewall (WAF) *	Web application firewall (WAF) *
N/A	N/A	Network firewall *

* Not available in the on-premises private data plane.

Tip

Available add-ons:
- Security incident and event management (SIEM).
- 24/7 security operation center.