History taught us that whistleblowers can expose the darkest secrets and wrongdoing of global enterprises, governments and public services; even prime ministers and presidents. Whistleblowers usually have a deep sense of justice and responsibility that drives them to favor the good of the many over their own. Often, their contribution is really appreciated only in hindsight.

Wherever you are in your SASE or SSE journey, it can be helpful knowing what other CISOs are doing once they’ve implemented these platforms. Getting started with enhanced security is a lot easier than you might think. With Cato’s security services being delivered from a scalable cloud-native architecture at multiple global points of presence, the value is immediate. In this blog post, we bring the top three things you, as a CISO, can do with Cato.

In the previous post, we’ve discussed how passive OS identification can be done based on different network protocols. We’ve also used the OSI model to categorize the different indicators and prioritize them based on reliability and granularity. In this post, we will focus on the network and transport layers and introduce a machine learning OS identification model based on TCP/IP header values.

Enterprises often find themselves tethered to complex and inflexible network architectures that impede their journey towards business agility and operational efficiency. Secure Access Service Edge, or SASE, a term coined by Gartner in 2019, defines a newer framework that converges enterprise networking and security point solutions into a single, secure, cloud-native, and globally distributed solution that secures all edges.

If you are used to managed MPLS services, transitioning to Internet last-mile access as part of SD-WAN or SASE might cause some concern. How can enterprises ensure they are getting a reliable network if they are not promised end-to-end SLAs? The answer: by dividing the enterprise backbone into the two last miles connected by a middle mile and then applying appropriate redundancy and failover systems and technologies in each section.

By Vadim Freger, Dolev Moshe Attiya On December 7th, 2023, the Apache Struts project disclosed a critical vulnerability (CVSS score 9.8) in its Struts 2 open-source web framework. The vulnerability resides in the flawed file upload logic and allows attackers to manipulate upload parameters, resulting in arbitrary file upload and code execution under certain conditions. There is no known workaround, and the only solution is to upgrade to the latest versions, the affected versions being.

Consider this: By the end of 2024, Gartner has projected that over 40% of enterprises will have explicit strategies in place for SASE adoption compared to just 1% in 2018. As the “poster child” of SASE (Forrester Research’s words not mine), Cato has seen first-hand SASE’s incredible growth not just in adoption by organizations of all sizes, but also in terms of third-party vendor requests to integrate Cato SASE Cloud into their software.

Enterprises in the private sector look to the US federal government for cybersecurity best practices. The US CISA (Cybersecurity & Infrastructure Security Agency) issues orders and directives to patch existing products or avoid use of others. The US NIST (National Institute of Standards and Technology) publishes important documents providing detailed guidance on various security topics such as its Cybersecurity Framework (CSF).