Generative AI (à la OpenAI’s GPT and the likes) is a powerful tool for summarizing information, transformations of text, transformation of code, all while doing so using its highly specialized ability to “speak” in a natural human language. While working with GPT APIs on several engineering projects an interesting idea came up in brainstorming, how well would it work when asked to describe information provided in raw JSON into natural language?

At Cato our number one goal has always been to simplify networking and security, we even wrote it on a cake once so it must be true: Figure 1 – A birthday cake Applying this principle to our XDR offering, we aimed at reducing the complexity of analyzing security and network incidents, using a data-driven approach that is based on the vast amounts of data we see across our global network and collect into our data lake.

Many security vendors offer automated detection of cloud applications and services, classifying them into categories and exposing attributes such as security risk, compliance, company status etc. Users can then apply different security measures, including setting firewall, CASB and DLP policies, based on the apps categories and attributes. It makes sense to conclude that the more apps are classified, the merrier. However, such a conclusion must be taken with a grain of salt.

A new threat vector discovered by Cato Research could reveal proprietary information about the internal configuration of a GPT, the simple custom agents for ChatGPT. With that information, hackers could clone a GPT and steal one’s business. Extensive resources were not needed to achieve this aim. Using simple prompts, I was able to get all the files that were uploaded to GPT knowledge and reveal their internal configuration.

Atlassian recently disclosed a new critical vulnerability in its Confluence Server and Data Center product line, the CVE has a CVSS score of 10, and allows an unauthenticated attacker to gain Remote Code Execution (RCE) access on the vulnerable server. There is no workaround, the only solution being to upgrade to the latest patched versions.

Today, Cato is furthering our goal of simplifying security operations with two important additions to Cato SASE Cloud. First, we’re leveraging generative AI to summarize all the indicators related to a security issue. Second, we tapped ML to accelerate the identification and ranking of threats by finding similar past threats across an individual customer’s account and all Cato accounts.

Security analysts continue to face an ever-evolving threat landscape, and their traditional approaches are proving to be quite limited. They continue to be overrun with security alerts, and their SIEMs often fail to properly correlate all relevant data, leaving them more exposed to cyber threats. These analysts require a more effective method to understand threats faster and reduce security risks in their environment.