|
By Vitaly Simonovich
Underlying the US–China AI race, there’s arguably a more sinister arms race—the race to identify zero-day threats. Frontier AI algorithms, such as Anthropic Mythos (here) and China’s Qihoo 360 (here), are compressing the zero-day discovery cycle. But how those discoveries are gathered and shared among cooperating entities is giving China significant defensive and offensive advantages.
|
By Liron Hakim Bobrov
Employees are leveraging AI to boost productivity and adopt skills that would take years to learn. This ranges from drafting content, writing code, and building automated workflows. Some of this use is approved. Much of it is not. For many security teams, the first instinct is to treat this risk like they would any other SaaS risk: discover the app, allow or block access, apply DLP rules, and report on usage. That model works for traditional SaaS, but AI is different.
|
By Eran Shavit
Today, Cato Networks announced an integration of Cato XOps with the Cyera AI-native Data Security Platform Management (DSPM). The integration brings Cyera’s data security telemetry directly into Cato XOps, giving security teams visibility into the sensitivity and exposure of data involved in security events. In today’s distributed environments, data lives across the cloud, SaaS, endpoint, and network.
|
By Sangita Patel
The cybersecurity industry has long relied on a simple idea: find vulnerabilities, patch them, and measure success by how fast you close the gap. “Time-to-patch” became a badge of honor. That model no longer holds. The rise of Mythos-class Frontier AI Models introduces a different kind of threat. AI-driven, agentic attacks operate continuously, discover weaknesses automatically, and execute at a scale no human team can match.
|
By Idan Tarab
In April 2026, Cato CTRL identified and blocked an attempted intrusion against a global manufacturing customer involving TencShell, a previously undocumented, Go-based implant derived from the open-source Rshell C2 framework. The activity appeared in traffic associated with a third-party user connected to the customer environment.
|
By Mae Dotan
Think of your environment like a medical clinic. Patients with new “symptoms” show up every day, such as an overly permissive firewall rule or a missed TLS inspection policy. A good doctor triages the most severe case and prescribes the right fix before the “symptoms” escalate.
|
By Dr. Guy Waizel
Frontier AI is changing the economics of cybersecurity. Advanced models can accelerate vulnerability research, exploit-path analysis, attack planning, and disclosure workflows, making vulnerability discovery more continuous, automated, and AI-driven. This raises the bar not only for enterprises that need faster protection, but also for cybersecurity vendors that must adapt secure development, production security, runtime validation, incident response, and AI-assisted workflows to keep pace.
|
By Dr. Guy Waizel
CVE-2026-41940 is a critical authentication bypass vulnerability in cPanel & WHM, including DNSOnly, and WP Squared. The issue affects cPanel software versions after 11.40 and can allow an unauthenticated remote attacker to gain unauthorized access to exposed hosting control panels. cPanel released patched versions and published official remediation and detection guidance.
|
By Elad Menahem
Over a decade ago, Cato Networks helped shift cybersecurity to a new frontier: a converged, cloud-native platform that combines security and networking. As a long-time security researcher, the Cato platform was a radical change, providing researchers with the rich context and end-to-end visibility we needed to identify threats faster and deliver accurate protections.
|
By Inga Cherny
Cato CTRL has discovered high-severity vulnerabilities in NVIDIA NeMo (CVE-2025-33236 with a CVSS score of 7.8) and Meta PyTorch that turns AI model files into remote code execution (RCE) vectors. The NeMo vulnerability allows RCE by importing a malicious AI model. The NeMo framework silently executes threat actor-controlled code with no warning.
|
By Cato Networks
The attack lifecycle is compressing. Frontier AI models like Anthropic’s Mythos and OpenAI’s GPT-5.5-Cyber can help bad actors research vulnerabilities, test approaches, adapt code, and change delivery methods at machine speed and scale. That reduces the time, skill, and coordination needed to move from vulnerability discovery to active attack. When attacks behave this way, security needs to operate in real time with full visibility and context across the attack path.
|
By Cato Networks
Most organizations understand the need for Zero Trust access to private applications. The challenge is delivering it without creating operational bottlenecks, increasing network risk, or slowing projects with weeks of coordination. In this video, Chris Rudolph explains how Cato Private Access enables secure, application-level access to private applications without requiring routing updates, inbound firewall changes, or complex network redesigns.
|
By Cato Networks
The consulting firm wanted a secure, reliable network to better manage resources for modern applications so employees could work more effectively. With the Cato SASE Platform, they got that and much more: centralized visibility, control, and the foundation for secure growth.
|
By Cato Networks
As Darling Ingredients expanded, so did the opportunity to modernize how its global operations are connected and secured. With the Cato SASE Platform, the Darling Ingredients’ IT team replaced complexity with consistency, reduced costs, and gained the agility to support smarter growth, elevating IT as a strategic partner to the business.
|
By Cato Networks
Most users don’t work on devices you control. Contractors, partners, and BYOD users still need access, but traditional approaches force tradeoffs between security, visibility, and complexity. IT teams often stitch together VPNs, VDI, and browser tools, each with separate policies and consoles. This creates gaps in enforcement and increases operational overhead. Cato Enterprise Browser changes that.
|
By Cato Networks
AI adoption is accelerating across enterprises, often faster than security teams can respond. Employees are already using AI tools, copilots, and agents across SaaS apps, browsers, and workflows. That creates new risk around shadow AI, sensitive data exposure, runtime threats, and autonomous actions that traditional controls were never built to handle. In this video, we break down the four AI security challenges CISOs are facing right now.
|
By Cato Networks
Security teams are under constant pressure to detect issues quickly and respond with confidence. When endpoint and network data sit in separate systems, investigations take longer and important context can be missed. In this short demo, you will see how Cato SASE Cloud and CrowdStrike Falcon work together. Falcon endpoint telemetry feeds directly into Cato’s XOps engine, where it is correlated with network activity to create guided security stories.
|
By Cato Networks
Secure access is broken. Hybrid work, unmanaged devices, and cloud apps have outgrown VPNs, leaving gaps in security and increasing operational complexity. This video shows how Cato Universal ZTNA replaces fragmented access with a single, consistent policy across all users, devices, and applications while improving performance and control. You’ll see how continuous, risk-based access and application-level connectivity can reduce exposure while simplifying operations.
|
By Cato Networks
What if nothing ever looks malicious on its own? Most advanced attacks don’t start with obvious malware or clear signatures. They begin with activity that looks normal, until behavior over time reveals something more. In this demo, we show how Cato Dynamic Prevention stops threats by understanding behavior, not just inspecting isolated events.
|
By Cato Networks
Complexity is no longer just an operational inconvenience for a business when it’s slowing transformation and increasing costs. In a portfolio platform, that complexity is structural: separate inspection engines, overlapping functionality, and distinct policy frameworks. Cato is redefining what a true SASE platform means in the AI era - unifying architecture, reducing complexity, and unlocking measurable economic advantage. And best of all, it means starting anywhere, and growing everywhere.
|
By Cato Networks
Organizations require an understanding of the positive ROI implications of security transformation with a holistic, cloud-delivered security architecture. A well-formed security transformation strategy provides an objective cost analysis of potential savings gained by retiring traditional security tools. Understanding how a single converged software stack provides both a financial ROI and a technical ROI will help organizations uncover hidden savings to be gained with their transformation projects.
|
By Cato Networks
When exploring a revolutionary architecture like SASE, it helps to have specific, relatable examples. SASE overlaps both networking and security spaces, sometimes making it difficult to see the whole picture. In this new eBook, we explore what SASE looks like for 5 different industry verticals: Retail & Hospitality, Manufacturing, Credit Unions, Health & Pharmaceuticals and Technology. Many of the benefits of SASE can provide value to any organization, so even if your specific vertical isn't covered, you should take a look!
|
By Cato Networks
While organizations realize they must deploy zero trust, knowing where to begin and how to deploy has become an impediment for many. The Cybersecurity and Infrastructure Agency (CISA) is one of several zero-trust maturity models that provide organizations with a measurable path to zero trust. The Cato SSE 360 architecture is a secure platform that helps facilitate Zero Trust maturity while delivering complete 360-degree protection for users, applications and data. This white paper will discuss how Cato SSE 360 can help facilitate Zero Trust Maturity.
|
By Cato Networks
Before SASE, network and network security services were delivered through multiple point solutions, including legacy appliances. These legacy appliances operated in silos and required countless IT resources and attention to deploy, manage, maintain, and replace. Today, some enterprises are still trapped using these legacy appliances, despite their shortcomings. In the parallel, modern world, SASE offers a single cloud-native network and security service for all networking and security needs.
|
By Cato Networks
Migrating a branch firewall to cloud? Pretty straightforward.... But enterprise security teams often find it challenging when contemplating moving the datacenter FW to the cloud. Unlike the branch firewall or UTM, the datacenter FW is responsible for providing visibility and control over inbound and outbound internet traffic, WAN traffic, vLAN traffic, and more. In this whitepaper, understand all the challenges that come with migrating your datacenter FW to the cloud, in addition to.
|
By Cato Networks
Your SSE project is right around the corner. Our helpful SSE RFP template allows you to meet both current and future security threats while ensuring that your key business objectives are met. Our template, divided into four sections, provides key questions to incorporate into your SSE RFP. This RFP template will allow you to easily identify.
- May 2026 (11)
- April 2026 (18)
- March 2026 (25)
- February 2026 (7)
- January 2026 (6)
- December 2025 (9)
- November 2025 (7)
- October 2025 (7)
- September 2025 (11)
- August 2025 (10)
- July 2025 (13)
- June 2025 (17)
- May 2025 (10)
- April 2025 (17)
- March 2025 (15)
- February 2025 (9)
- January 2025 (8)
- December 2024 (15)
- November 2024 (6)
- October 2024 (9)
- September 2024 (7)
- August 2024 (5)
- July 2024 (15)
- June 2024 (10)
- May 2024 (5)
- April 2024 (6)
- March 2024 (5)
- February 2024 (11)
- January 2024 (11)
- December 2023 (5)
- November 2023 (8)
- October 2023 (8)
- September 2023 (12)
- August 2023 (15)
- July 2023 (13)
- June 2023 (9)
- May 2023 (14)
- April 2023 (14)
- March 2023 (14)
Cato enables customers to gradually transform their networking and security infrastructure for the digital business. You can address one or more of the use cases below at your own pace. No matter where you start, Cato will support you throughout your journey.
Cato SASE Cloud with SSE 360 provides a global converged cloud-native service that securely and optimally connects all branches, datacenters, people, and clouds. Cato can be gradually deployed to replace or augment legacy network services and security point solutions.
Cato SASE Cloud:
- Converged: Cato converges SD-WAN and network security capabilities into a single pass architecture.
- Cloud-native: Cato is built from the ground up as an elastic, resilient, and scalable cloud service.
- Global: Cato is available across 75+ global PoPs to support any business location or user.
- All edges: Cato secures and optimizes traffic from all users, locations, clouds, and applications.
SASE, SSE, ZTNA, SD-WAN: Your journey, your way.