Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2023

Scattered Spiders and Black Cats: MGM and Caesars Hacked?

In this week's episode, Bill and Robin dive deep into the techniques and tricks used by the masterminds behind the recent attacks on MGM and the Caesars Entertainment group, Scattered Spider and ALPHV. Why was MGMs business down for 10 days? Why did Caesars pay an alleged $15M ransom? What is BlackCat? How can this have been prevented, and how would this map to something like the MITRE ATT&CK framework?

Essential steps to evaluate the Risk Profile of a Secure Services Edge (SSE) Provider

Businesses have increasingly turned to Secure Services Edge (SSE) to secure their digital assets and data, as they undergo digital transformation. SSE secures the network edge to ensure data privacy and protect against cyber threats, using a cloud-delivered SaaS infrastructure from a third-party cybersecurity provider. SSE has brought numerous advantages to companies who needed to strengthen their cyber security after undergoing a digital transformation.

The Cato Journey - Bringing SASE Transformation to the Largest Enterprises

One of the observations I sometimes get from analysts, investors, and prospects is that Cato is a mid-market company. They imply that we are creating solutions that are simple and affordable, but don’t necessarily meet stringent requirements in scalability, availability, and functionality. Here is the bottom line: Cato is an enterprise software company.

Cato: The Rise of the Next-Generation Networking and Security Platform

Today, we announced our largest funding round to date ($238M) at a new company valuation of over $3B. It’s a remarkable achievement that is indicative not only of Cato’s success but also of a broader change in enterprise infrastructure. We live in an era of digital transformation. Every business wants to be as agile, scalable, and resilient as AWS (Amazon Web Service) to gain a competitive edge, reduce costs and complexity, and delight its customers.

Consistent Security, Everywhere.

Cato SASE Cloud and SSE 360 deliver all the security capabilities your organization needs for every user and location globally. Cato delivers all security capabilities in a single, cloud-native platform while our expert security researchers work 24/7 to ensure the best protection is in place for our customers. Enjoy consistent inspection and policy enforcement everywhere with always up-to-date security engines and an experience that users love.

NIST Cybersecurity & Privacy Program

The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 1.1 has been a critical reference to help reduce or mitigate cybersecurity threats to Critical Infrastructures. First launched in 2014, it remains the de facto framework to address the cyber threats we have seen. However, with an eye toward addressing more targeted, sophisticated, and coordinated future threats, it was universally acknowledged that NIST CSF 1.1 required updating.

How to Solve the Cloud vs On-Premise Security Dilemma

Organizations need to protect themselves from the risks of running their business over the internet and processing sensitive data in the cloud. The growth of SaaS applications, Shadow IT and work from anywhere have therefore driven a rapid adoption of cloud-delivered cybersecurity services. Gartner defined SSE as a collection of cloud-delivered security functions: SWG, CASB, DLP and ZTNA. SSE solutions help to move branch security to the cloud in a flexible, cost-effective and easy-to-manage way.

Pythons and Birds: Duolingo and Telegram Hacked?

In this week's episode, Bill and Robin explore the dangers of programmatic interfaces! The language-learning website, Duolingo, has fallen victim to an API exploit which has exposed 2.6 million user accounts, and there's threat actors on the dark web who are using Python to subversively change messages in Telegram threads. What's happening in the world, why should you care, and how can you stay protected?

7 Compelling Reasons Why Analysts Recommend SASE

Gartner introduced SASE as a new market category in 2019, defining it as the convergence of network and security into a seamless, unified, cloud-native solution. This includes SD-WAN, FWaaS, CASB, SWG, ZTNA, and more. A few years have gone by since Gartner’s recognition of SASE. Now that the market has had time to learn and experience SASE, it’s time to understand what leading industry analyst think of SASE?

Single Vendor SASE vs. the Alternatives: Navigating Your Options

SASE sets the design guidelines for the convergence of networking and security as a cloud service. With SASE, enterprises can achieve operational simplicity, reliability, and adaptability. Unsurprisingly, since Gartner defined SASE in 2019, vendors have been repositioning their product offerings as SASE. So, what are the differences between the recommended single-vendor SASE approach and other SASE alternatives? Let’s find out. This blog post is based on the e-book “Single Vendor SASE vs.

Imparting Trust: Paws for Reflection

In this week's episode, Bill and Robin delve once again into the world of Zero Trust as they discuss how end-to-end encrypted messaging services have fallen victim to the BadBazaar trojan, as well as asking the question "Should you trust URLs on your children's snacks?" Learn all this and more on the latest episode of The Ring of Defense!