|
By Sangita Patel
Agentic AI is quickly transitioning from experimentation to production. Enterprises are deploying AI agents to interpret goals, decide what actions to take, interact with business tools and APIs, and execute those actions autonomously, with limited or no human oversight. The promise is speed and efficiency, but the proverbial “blast radius” is bigger and fundamentally different from anything security teams have managed before.
|
By Dr. Guy Waizel
Cato researchers have discovered a new indirect prompt injection exploit pattern workflow in BrowserOS (an open-source agentic AI browser). We named it “WebPromptTrap” because the prompt originates from untrusted web content and it traps users into approving an authorization step through a trusted-looking AI summary.
|
By Amad Hussain
If your encrypted traffic was captured today, would it still be private in ten years? That question changes the conversation. Leaders are used to asking, “Is it encrypted?” Now they are asking, “How long does it stay confidential?” That is where post quantum cryptography, or PQC, comes in. Its role is to strengthen the foundations of a secure connection by improving how trust is established before any data is exchanged. Today’s encryption still works.
|
By Shlomo Kramer
Every major technological shift reshapes the landscape, creating both winners and losers. AI will be no different. The key question is which companies are positioned to capture the value it generates, and which ones may fall behind as it unfolds. If you look at previous technology shifts, the winners were not always the companies building the most visible products. They were often the ones that enabled the shift to happen in the first place, or those that benefited from the structural changes it created.
|
By Dr. Guy Waizel
Cato CTRL has discovered a q-based delivery technique used against an Italy-based consumer services company associated with PhantomBackdoor, a multi-stage WebSocket-based backdoor previously reported in a Ukraine-focused spear phishing operation by SentinelOne. In SentinelOne’s earlier reporting, initial access relied on phishing lures and a ClickFix-style flow that triggered a staged PowerShell and ended with a WebSocket backdoor.
|
By Sangita Patel
AI has moved from experimentation to a strategic enterprise imperative. It’s no longer about whether organizations will adopt AI, but whether their security architecture can govern it at the speed and scale at which it is being embedded into the business. This is not a future concern. It is today’s operational mandate to: Securing AI is not limited to software applications and agents.
|
By Dr. Guy Waizel
Agentic AI promises to improve work processes in all domains and industries. R&D is no different. Recently, Cato R&D built an internal self-evolving pull request (PR) review agent that keeps reviewers in flow by commenting only on high-impact, high-confidence issues, validating every change against its spec from the PR and Jira, and learning continuously from developer feedback through long-term, episodic memory. What were the results?
|
By Dr. Guy Waizel
On February 28, 2026, Israel and the United States launched a joint attack against Iran. In retaliation, Iran launched its own attacks against Israel and US-allied countries and bases in the region. The escalation in the Middle East is ongoing. Cato CTRL is currently monitoring the threat landscape in the region.
Imagine two talented orchestras playing together, but without a conductor or a single score. You get noise, not music. M&A can be like that. The value lies in having every musician on the same page. Traditional networking slows M&A execution. Cato delivers a cloud-native foundation that securely connects the new organization from day one, aligns policies and workflows under a single framework, and helps leadership realize value faster.
|
By Etay Maor
Today, we published the 2026 Cato CTRL Threat Report, which is the second annual threat report on AI security from Cato CTRL (the Cato Networks threat intelligence team). In 2025, Cato CTRL uncovered a decisive shift in the AI threat landscape. Threat actors are no longer just exploiting AI systems. They are exploiting AI trust, workflows, and capabilities themselves.
|
By Cato Networks
As Darling Ingredients expanded, so did the opportunity to modernize how its global operations are connected and secured. With the Cato SASE Platform, the Darling Ingredients’ IT team replaced complexity with consistency, reduced costs, and gained the agility to support smarter growth, elevating IT as a strategic partner to the business.
|
By Cato Networks
The consulting firm wanted a secure, reliable network to better manage resources for modern applications so employees could work more effectively. With the Cato SASE Platform, they got that and much more: centralized visibility, control, and the foundation for secure growth.
|
By Cato Networks
Most users don’t work on devices you control. Contractors, partners, and BYOD users still need access, but traditional approaches force tradeoffs between security, visibility, and complexity. IT teams often stitch together VPNs, VDI, and browser tools, each with separate policies and consoles. This creates gaps in enforcement and increases operational overhead. Cato Enterprise Browser changes that.
|
By Cato Networks
AI adoption is accelerating across enterprises, often faster than security teams can respond. Employees are already using AI tools, copilots, and agents across SaaS apps, browsers, and workflows. That creates new risk around shadow AI, sensitive data exposure, runtime threats, and autonomous actions that traditional controls were never built to handle. In this video, we break down the four AI security challenges CISOs are facing right now.
|
By Cato Networks
Security teams are under constant pressure to detect issues quickly and respond with confidence. When endpoint and network data sit in separate systems, investigations take longer and important context can be missed. In this short demo, you will see how Cato SASE Cloud and CrowdStrike Falcon work together. Falcon endpoint telemetry feeds directly into Cato’s XOps engine, where it is correlated with network activity to create guided security stories.
|
By Cato Networks
Secure access is broken. Hybrid work, unmanaged devices, and cloud apps have outgrown VPNs, leaving gaps in security and increasing operational complexity. This video shows how Cato Universal ZTNA replaces fragmented access with a single, consistent policy across all users, devices, and applications while improving performance and control. You’ll see how continuous, risk-based access and application-level connectivity can reduce exposure while simplifying operations.
|
By Cato Networks
What if nothing ever looks malicious on its own? Most advanced attacks don’t start with obvious malware or clear signatures. They begin with activity that looks normal, until behavior over time reveals something more. In this demo, we show how Cato Dynamic Prevention stops threats by understanding behavior, not just inspecting isolated events.
|
By Cato Networks
Complexity is no longer just an operational inconvenience for a business when it’s slowing transformation and increasing costs. In a portfolio platform, that complexity is structural: separate inspection engines, overlapping functionality, and distinct policy frameworks. Cato is redefining what a true SASE platform means in the AI era - unifying architecture, reducing complexity, and unlocking measurable economic advantage. And best of all, it means starting anywhere, and growing everywhere.
|
By Cato Networks
JavaScript-based crypto stealers are designed to hide in plain sight. They arrive over innocent-looking, encrypted web traffic and aim to steal credentials and wallet data before anyone notices. In this demo, you’ll see how the Cato SASE Platform stops a real JavaScript crypto stealer (JSCEAL) in real time. We show: How the malware is delivered over standard web traffic How Cato inspects encrypted traffic inline, in a single pass How the attack is identified and blocked before it reaches the endpoint How security teams get immediate visibility in the Cato Management Application.
|
By Cato Networks
Most SASE projects fail because the journey is daunting for many organizations. Too many vendors turn modernization into a multi-quarter relay race: hardware orders, carrier lead times, bolt-on tools, endless integration, and a loosely defined policy model.
|
By Cato Networks
Organizations require an understanding of the positive ROI implications of security transformation with a holistic, cloud-delivered security architecture. A well-formed security transformation strategy provides an objective cost analysis of potential savings gained by retiring traditional security tools. Understanding how a single converged software stack provides both a financial ROI and a technical ROI will help organizations uncover hidden savings to be gained with their transformation projects.
|
By Cato Networks
When exploring a revolutionary architecture like SASE, it helps to have specific, relatable examples. SASE overlaps both networking and security spaces, sometimes making it difficult to see the whole picture. In this new eBook, we explore what SASE looks like for 5 different industry verticals: Retail & Hospitality, Manufacturing, Credit Unions, Health & Pharmaceuticals and Technology. Many of the benefits of SASE can provide value to any organization, so even if your specific vertical isn't covered, you should take a look!
|
By Cato Networks
While organizations realize they must deploy zero trust, knowing where to begin and how to deploy has become an impediment for many. The Cybersecurity and Infrastructure Agency (CISA) is one of several zero-trust maturity models that provide organizations with a measurable path to zero trust. The Cato SSE 360 architecture is a secure platform that helps facilitate Zero Trust maturity while delivering complete 360-degree protection for users, applications and data. This white paper will discuss how Cato SSE 360 can help facilitate Zero Trust Maturity.
|
By Cato Networks
Before SASE, network and network security services were delivered through multiple point solutions, including legacy appliances. These legacy appliances operated in silos and required countless IT resources and attention to deploy, manage, maintain, and replace. Today, some enterprises are still trapped using these legacy appliances, despite their shortcomings. In the parallel, modern world, SASE offers a single cloud-native network and security service for all networking and security needs.
|
By Cato Networks
Migrating a branch firewall to cloud? Pretty straightforward.... But enterprise security teams often find it challenging when contemplating moving the datacenter FW to the cloud. Unlike the branch firewall or UTM, the datacenter FW is responsible for providing visibility and control over inbound and outbound internet traffic, WAN traffic, vLAN traffic, and more. In this whitepaper, understand all the challenges that come with migrating your datacenter FW to the cloud, in addition to.
|
By Cato Networks
Your SSE project is right around the corner. Our helpful SSE RFP template allows you to meet both current and future security threats while ensuring that your key business objectives are met. Our template, divided into four sections, provides key questions to incorporate into your SSE RFP. This RFP template will allow you to easily identify.
- April 2026 (9)
- March 2026 (22)
- February 2026 (7)
- January 2026 (6)
- December 2025 (9)
- November 2025 (7)
- October 2025 (7)
- September 2025 (11)
- August 2025 (10)
- July 2025 (13)
- June 2025 (17)
- May 2025 (10)
- April 2025 (17)
- March 2025 (15)
- February 2025 (9)
- January 2025 (8)
- December 2024 (15)
- November 2024 (6)
- October 2024 (9)
- September 2024 (7)
- August 2024 (5)
- July 2024 (15)
- June 2024 (10)
- May 2024 (5)
- April 2024 (6)
- March 2024 (5)
- February 2024 (11)
- January 2024 (11)
- December 2023 (5)
- November 2023 (8)
- October 2023 (8)
- September 2023 (12)
- August 2023 (15)
- July 2023 (13)
- June 2023 (9)
- May 2023 (14)
- April 2023 (14)
- March 2023 (14)
Cato enables customers to gradually transform their networking and security infrastructure for the digital business. You can address one or more of the use cases below at your own pace. No matter where you start, Cato will support you throughout your journey.
Cato SASE Cloud with SSE 360 provides a global converged cloud-native service that securely and optimally connects all branches, datacenters, people, and clouds. Cato can be gradually deployed to replace or augment legacy network services and security point solutions.
Cato SASE Cloud:
- Converged: Cato converges SD-WAN and network security capabilities into a single pass architecture.
- Cloud-native: Cato is built from the ground up as an elastic, resilient, and scalable cloud service.
- Global: Cato is available across 75+ global PoPs to support any business location or user.
- All edges: Cato secures and optimizes traffic from all users, locations, clouds, and applications.
SASE, SSE, ZTNA, SD-WAN: Your journey, your way.