Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cato Networks

How to steal intellectual property from GPTs

A new threat vector discovered by Cato Research could reveal proprietary information about the internal configuration of a GPT, the simple custom agents for ChatGPT. With that information, hackers could clone a GPT and steal one’s business. Extensive resources were not needed to achieve this aim. Using simple prompts, I was able to get all the files that were uploaded to GPT knowledge and reveal their internal configuration.

Atlassian Confluence Server and Data Center Remote Code Execution (CVE-2023-22527) - Cato's Analysis and Mitigation

Atlassian recently disclosed a new critical vulnerability in its Confluence Server and Data Center product line, the CVE has a CVSS score of 10, and allows an unauthenticated attacker to gain Remote Code Execution (RCE) access on the vulnerable server. There is no workaround, the only solution being to upgrade to the latest patched versions.

Cato Taps Generative AI to Improve Threat Communication

Today, Cato is furthering our goal of simplifying security operations with two important additions to Cato SASE Cloud. First, we’re leveraging generative AI to summarize all the indicators related to a security issue. Second, we tapped ML to accelerate the identification and ranking of threats by finding similar past threats across an individual customer’s account and all Cato accounts.

Cato XDR: A SASE-based Approach to Threat Detection and Response

Security analysts continue to face an ever-evolving threat landscape, and their traditional approaches are proving to be quite limited. They continue to be overrun with security alerts, and their SIEMs often fail to properly correlate all relevant data, leaving them more exposed to cyber threats. These analysts require a more effective method to understand threats faster and reduce security risks in their environment.

Cato Networks Unveils Groundbreaking SASE-based XDR & EPP: Insights from Partners

In the ever-evolving landscape of cybersecurity, Cato Networks introduced the world’s first SASE-based extended detection and response (XDR) and the first SASE-managed endpoint protection platform (EPP). This Cato SASE Cloud platform marks a significant milestone in the industry’s journey towards a more secure, converged, and responsive cybersecurity platform.

Whistleblowers of a Fake SASE are IT's Best Friends

History taught us that whistleblowers can expose the darkest secrets and wrongdoing of global enterprises, governments and public services; even prime ministers and presidents. Whistleblowers usually have a deep sense of justice and responsibility that drives them to favor the good of the many over their own. Often, their contribution is really appreciated only in hindsight.

3 Things CISOs Can Immediately Do with Cato

Wherever you are in your SASE or SSE journey, it can be helpful knowing what other CISOs are doing once they’ve implemented these platforms. Getting started with enhanced security is a lot easier than you might think. With Cato’s security services being delivered from a scalable cloud-native architecture at multiple global points of presence, the value is immediate. In this blog post, we bring the top three things you, as a CISO, can do with Cato.

Machine Learning in Action - An In-Depth Look at Identifying Operating Systems Through a TCP/IP Based Model

In the previous post, we’ve discussed how passive OS identification can be done based on different network protocols. We’ve also used the OSI model to categorize the different indicators and prioritize them based on reliability and granularity. In this post, we will focus on the network and transport layers and introduce a machine learning OS identification model based on TCP/IP header values.

The Path to SASE: A Project Planning Guide

Enterprises often find themselves tethered to complex and inflexible network architectures that impede their journey towards business agility and operational efficiency. Secure Access Service Edge, or SASE, a term coined by Gartner in 2019, defines a newer framework that converges enterprise networking and security point solutions into a single, secure, cloud-native, and globally distributed solution that secures all edges.

Shells and Flipper Hells: SSH Problems and Pocket Hacking

In the first episode of 2024, Bill and Robin dive into a vulnerability impacting SSH across the world, as well as explore how something in your pocket may get you unwarranted attention. What is the Terrapin attack, and why should you leave your FlipperZero in check-in luggage? Learn all this and more on the latest episode of the Ring of Defense!