Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Imagine you’re the Director of IT for a global manufacturing company. You must keep production sites, suppliers, and remote workers securely connected while controlling costs and meeting compliance. Every day, new challenges arise: If this sounds familiar, you’re not alone. Manufacturing is rapidly evolving with Industry 4.0, where smart factories use automation, IoT, AI analytics, and real-time data to optimize production and efficiency.

Zero trust is no longer just a concept—it’s essential. With cloud adoption, hybrid work, and increasingly sophisticated cyber threats, traditional perimeter security no longer suffices. Attackers exploit vulnerabilities inside networks, moving laterally undetected. Many organizations focus on securing north-south external-facing interactions while failing to monitor internal east-west traffic. This oversight exposes networks to ransomware, insider threats, and supply chain attacks.

Networking and infrastructure and operations (I&O) teams often feel that they are facing contradictory challenges. They are expected to manually maintain the complex legacy infrastructure that keeps the business running, while also finding capacity and licence to help their organizations innovate at a time of rapid technological change.

CVE-2025-1974 is a critical remote code execution (RCE) vulnerability in Kubernetes’ Ingress-NGINX Controller that allows unauthenticated attackers with network access to inject arbitrary NGINX configuration directives, potentially leading to full cluster compromise. Ingress-NGINX is a software-only ingress controller provided by the Kubernetes project. Because of its versatility and ease of use, ingress-nginx is quite popular: it is deployed in over 40% of Kubernetes clusters.

On March 24, 2025, ingress-nginx maintainers released fixes for multiple vulnerabilities that could allow threat actors to take over Kubernetes clusters. Ingress is a Kubernetes feature that defines how workload Pods are exposed to the network, while an Ingress Controller implements those rules by configuring the necessary local or cloud resources. According to Kubernetes, ingress-nginx is deployed in over 40% of Kubernetes clusters.

In my security research role at Corelight, I often have to go through large, complex data sets to detect subtle anomalies and threats. It reminds me of a famous quote by Abraham Lincoln: Give me six hours to chop down a tree and I will spend the first four sharpening the axe. For me, that means investing time up front to build tools that allow a large language model (LLM) to do the heavy lifting on key tasks, namely those that teams of analysts would have handled in the past.

On March 24, 2025, Wiz Research disclosed a series of critical vulnerabilities in Ingress NGINX Controller for Kubernetes, collectively dubbed: These unauthenticated Remote Code Execution (RCE) vulnerabilities have been assigned a CVSS base score of 9.8. According to Wiz Research, exploitation allows attackers to gain unauthorized access to all secrets across all namespaces in affected Kubernetes clusters, potentially leading to complete cluster takeover.

Today, Cato Networks has been honored by CRN with a 5-Star Award in the 2025 CRN Partner Program Guide. This annual guide is an essential resource for solution providers seeking vendor partner programs that match their business goals and deliver high partner value. This is the first time Cato has received a 5-star rating for our global partner program and that’s because we empower our partners to deliver a best-in-class SASE platform to customers.

As organizations strengthen endpoint and cloud security, attackers are shifting their focus to often-overlooked network infrastructure like routers, switches, and firewalls. Legacy vulnerability management (VM) solutions struggle to keep pace, relying on slow, periodic scans that fail to provide real-time visibility into emerging threats.