Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most organizations assume a clear boundary between external users, who submit support tickets or service requests, and internal users, who handle them using privileged access. However, when an internal user triggers an AI action from a model context protocol (MCP) tool, such as summarizing a ticket, that boundary can break.

In enterprise IT, there’s a familiar story: moving applications to the cloud is easy—but securely connecting cloud workloads isn’t. Cloud migration is no longer a question of if, but how fast enterprises can make the shift. As of 2025, an estimated 67% of enterprise infrastructure runs in the cloud, highlighting the widespread adoption of cloud hosting and infrastructure services worldwide.

When large language models (LLMs) became popular following OpenAI’s public release of ChatGPT in November 2022, threat actors understood the potential of such systems and how they can be used in their malicious operations. However, the main challenge that threat actors encountered a couple of years ago is that the LLMs were censored and didn’t allow the creation of malicious content. Enter WormGPT.

Today, we’ve announced during AWS re:Inforce 2025 that Cato Networks has received the “Deployed on AWS” badge, which identifies Amazon Web Services (AWS) partners whose products are powered by AWS infrastructure. As a Leader in the 2024 Gartner Magic Quadrant for Single-Vendor SASE, Cato sets the standard for converging networking and security in a single, cloud-native platform.

On June 12, 2025, a global outage at Google Cloud Platform (GCP) brought critical infrastructure to a halt. The ripple effects were immediate. Services from Palo Alto Networks and Cloudflare—both of which rely on GCP—experienced outages that lasted hours. Enterprises depending on these services were left blind and exposed. This wasn’t a first. It won’t be the last. But it was a wake-up call. When SASE, SSE, or SD-WAN platforms go down, the business is down. Productivity stalls.

With the introduction of WormGPT in 2023, threat actors have been using uncensored large language models (LLMs) for malicious activities. Following the shutdown of WormGPT in the same year, numerous alternatives have emerged—including BlackHatGPT, FraudGPT, and GhostGPT, among others—primarily accessible through Telegram channels.

Sometimes preparing dinner can be a complicated task. You’re juggling a stir-fry, boiling pasta, prepping a salad, and all you want is to say “Chop the onions” and have it done. No switching between tasks, no looking up steps. Just state the intent, and it’s executed. We wanted that same level of simplicity when interacting with our environment, including sites, users, topology, and real-time data. That led us to build Cato’s Model Context Protocol (MCP) Server.