|
By Vitaly Simonovich
Cato CTRL recently analyzed the entire 33-day operation of an operator’s command-and-control (C2) server, including the steps he took to preserve access after the takedown. 339 commands. Four French victims. Between March 30 and May 1, 2026, Cato CTRL studied every command issued by a French-speaking threat actor (“Poisson”) against one French automotive small business and four French individuals.
|
By Jason Viera
A CVE lands in the morning. Hours later, attackers are exploiting it in the wild. The patch is not ready, the change window is days away, and the clock is already running. None of this is new. What changed is that vulnerability exploitation is now the most common path into organizations.
|
By Neil Langridge
Modern IT and security teams no longer evaluate platforms in isolation. They ask how a platform fits into the architecture they run, the workflows they trust, and the outcomes they need to improve. Enterprise stacks are not isolated; they are interdependent. Identity shapes access, endpoint posture influences policy, while SIEM tools drive investigations and rely on shared data and context. AI tools introduce new layers and patterns of usage, risk, and data movement across the network.
|
By Dr. Guy Waizel
Cato CTRL researchers recently identified an undocumented, active phishing campaign targeting Brazilian organizations with fake business-document lures that download a NinjaOne Remote Monitoring and Management (RMM) agent. The use of NinjaOne is particularly significant, underscoring how attackers no longer need exotic malware to penetrate an enterprise. Familiar business workflows and software are enough.
|
By Dr. Guy Waizel
TL;DR: In the age of frontier AI models, vulnerability discovery and exploit development are scaling faster than human defenders can manually respond. Security teams already face growing CVE volumes, shorter exploitation windows, and manual workflows for researching vulnerabilities, creating protections, validating them, and preparing them for deployment. As attackers weaponize vulnerabilities faster than organizations can patch them, time-to-protect is becoming a critical security metric.
|
By Makiko Yamada
As organizations advance toward Security Service Edge (SSE), secure access to private applications has become a practical priority. Executives rightly expect these programs to improve security while increasing agility. Yet many initiatives slow down at the same point: extending access to private applications. The work often depends on firewall exceptions, routing changes, and cross-team coordination, followed by tightly controlled maintenance windows.
|
By Brian Greenberg
GigaOm’s latest analysis highlights a clear shift in the market. As they note, “The standalone Secure Service Edge (SSE) market has largely disappeared, with leading vendors now offering complete SASE solutions that converge software-defined wide-area network (SD-WAN) and SSE into single-vendor platforms. Organizations increasingly favor this consolidated approach to reduce operational complexity and improve visibility.”
|
By Vitaly Simonovich
Underlying the US–China AI race, there’s arguably a more sinister arms race—the race to identify zero-day threats. Frontier AI algorithms, such as Anthropic Mythos and China’s Qihoo 360, are compressing the zero-day discovery cycle. But how those discoveries are gathered and shared among cooperating entities is giving China significant defensive and offensive advantages.
|
By Liron Hakim Bobrov
Employees are leveraging AI to boost productivity and adopt skills that would take years to learn. This ranges from drafting content and writing code to building automated workflows. Some of this use is approved. Much of it is not. For many security teams, the first instinct is to treat this risk like they would any other SaaS risk: discover the app, allow or block access, apply DLP rules, and report on usage. That model works for traditional SaaS, but AI is different.
|
By Eran Shavit
Today, Cato Networks announced an integration of Cato XOps with the Cyera AI-native Data Security Platform Management (DSPM). The integration brings Cyera’s data security telemetry directly into Cato XOps, giving security teams visibility into the sensitivity and exposure of data involved in security events. In today’s distributed environments, data lives across the cloud, SaaS, endpoint, and network.
|
By Cato Networks
The attack lifecycle is compressing. Frontier AI models like Anthropic’s Mythos and OpenAI’s GPT-5.5-Cyber can help bad actors research vulnerabilities, test approaches, adapt code, and change delivery methods at machine speed and scale. That reduces the time, skill, and coordination needed to move from vulnerability discovery to active attack. When attacks behave this way, security needs to operate in real time with full visibility and context across the attack path.
|
By Cato Networks
Most organizations understand the need for Zero Trust access to private applications. The challenge is delivering it without creating operational bottlenecks, increasing network risk, or slowing projects with weeks of coordination. In this video, Chris Rudolph explains how Cato Private Access enables secure, application-level access to private applications without requiring routing updates, inbound firewall changes, or complex network redesigns.
|
By Cato Networks
The consulting firm wanted a secure, reliable network to better manage resources for modern applications so employees could work more effectively. With the Cato SASE Platform, they got that and much more: centralized visibility, control, and the foundation for secure growth.
|
By Cato Networks
As Darling Ingredients expanded, so did the opportunity to modernize how its global operations are connected and secured. With the Cato SASE Platform, the Darling Ingredients’ IT team replaced complexity with consistency, reduced costs, and gained the agility to support smarter growth, elevating IT as a strategic partner to the business.
|
By Cato Networks
Most users don’t work on devices you control. Contractors, partners, and BYOD users still need access, but traditional approaches force tradeoffs between security, visibility, and complexity. IT teams often stitch together VPNs, VDI, and browser tools, each with separate policies and consoles. This creates gaps in enforcement and increases operational overhead. Cato Enterprise Browser changes that.
|
By Cato Networks
AI adoption is accelerating across enterprises, often faster than security teams can respond. Employees are already using AI tools, copilots, and agents across SaaS apps, browsers, and workflows. That creates new risk around shadow AI, sensitive data exposure, runtime threats, and autonomous actions that traditional controls were never built to handle. In this video, we break down the four AI security challenges CISOs are facing right now.
|
By Cato Networks
Security teams are under constant pressure to detect issues quickly and respond with confidence. When endpoint and network data sit in separate systems, investigations take longer and important context can be missed. In this short demo, you will see how Cato SASE Cloud and CrowdStrike Falcon work together. Falcon endpoint telemetry feeds directly into Cato’s XOps engine, where it is correlated with network activity to create guided security stories.
|
By Cato Networks
Secure access is broken. Hybrid work, unmanaged devices, and cloud apps have outgrown VPNs, leaving gaps in security and increasing operational complexity. This video shows how Cato Universal ZTNA replaces fragmented access with a single, consistent policy across all users, devices, and applications while improving performance and control. You’ll see how continuous, risk-based access and application-level connectivity can reduce exposure while simplifying operations.
|
By Cato Networks
What if nothing ever looks malicious on its own? Most advanced attacks don’t start with obvious malware or clear signatures. They begin with activity that looks normal, until behavior over time reveals something more. In this demo, we show how Cato Dynamic Prevention stops threats by understanding behavior, not just inspecting isolated events.
|
By Cato Networks
Complexity is no longer just an operational inconvenience for a business when it’s slowing transformation and increasing costs. In a portfolio platform, that complexity is structural: separate inspection engines, overlapping functionality, and distinct policy frameworks. Cato is redefining what a true SASE platform means in the AI era - unifying architecture, reducing complexity, and unlocking measurable economic advantage. And best of all, it means starting anywhere, and growing everywhere.
|
By Cato Networks
Organizations require an understanding of the positive ROI implications of security transformation with a holistic, cloud-delivered security architecture. A well-formed security transformation strategy provides an objective cost analysis of potential savings gained by retiring traditional security tools. Understanding how a single converged software stack provides both a financial ROI and a technical ROI will help organizations uncover hidden savings to be gained with their transformation projects.
|
By Cato Networks
When exploring a revolutionary architecture like SASE, it helps to have specific, relatable examples. SASE overlaps both networking and security spaces, sometimes making it difficult to see the whole picture. In this new eBook, we explore what SASE looks like for 5 different industry verticals: Retail & Hospitality, Manufacturing, Credit Unions, Health & Pharmaceuticals and Technology. Many of the benefits of SASE can provide value to any organization, so even if your specific vertical isn't covered, you should take a look!
|
By Cato Networks
While organizations realize they must deploy zero trust, knowing where to begin and how to deploy has become an impediment for many. The model from the Cybersecurity and Infrastructure Security Agency (CISA) is one of several zero-trust maturity models that provide organizations with a measurable path to zero trust. The Cato SSE 360 architecture is a secure platform that helps facilitate Zero Trust maturity while delivering complete 360-degree protection for users, applications and data. This white paper will discuss how Cato SSE 360 can help facilitate Zero Trust Maturity.
|
By Cato Networks
Before SASE, network and network security services were delivered through multiple point solutions, including legacy appliances. These legacy appliances operated in silos and required countless IT resources and attention to deploy, manage, maintain, and replace. Today, some enterprises are still trapped using these legacy appliances, despite their shortcomings. In the parallel, modern world, SASE offers a single cloud-native network and security service for all networking and security needs.
|
By Cato Networks
Migrating a branch firewall to the cloud? Pretty straightforward... But enterprise security teams often find it challenging when contemplating moving the datacenter FW to the cloud. Unlike the branch firewall or UTM, the datacenter FW is responsible for providing visibility and control over inbound and outbound internet traffic, WAN traffic, VLAN traffic, and more. In this whitepaper, understand all the challenges that come with migrating your datacenter FW to the cloud, in addition to.
|
By Cato Networks
Your SSE project is right around the corner. Our helpful SSE RFP template allows you to meet both current and future security threats while ensuring that your key business objectives are met. Our template, divided into four sections, provides key questions to incorporate into your SSE RFP. This RFP template will allow you to easily identify.
Cato enables customers to gradually transform their networking and security infrastructure for the digital business. You can address one or more of the use cases below at your own pace. No matter where you start, Cato will support you throughout your journey.
Cato SASE Cloud with SSE 360 provides a global converged cloud-native service that securely and optimally connects all branches, datacenters, people, and clouds. Cato can be gradually deployed to replace or augment legacy network services and security point solutions.
Cato SASE Cloud:
- Converged: Cato converges SD-WAN and network security capabilities into a single pass architecture.
- Cloud-native: Cato is built from the ground up as an elastic, resilient, and scalable cloud service.
- Global: Cato is available across 75+ global PoPs to support any business location or user.
- All edges: Cato secures and optimizes traffic from all users, locations, clouds, and applications.
SASE, SSE, ZTNA, SD-WAN: Your journey, your way.