Cato Joins OpenAI’s Trusted Access for Cyber (TAC) to Advance AI-Driven Defense

Over a decade ago, Cato Networks helped shift cybersecurity to a new frontier: a converged, cloud-native platform that combines security and networking. As a long-time security researcher, the Cato platform was a radical change, providing researchers with the rich context and end-to-end visibility we needed to identify threats faster and deliver accurate protections.

Now, Cato is again crossing a new frontier, frontier AI. Today, I’m excited to share that Cato has joined OpenAI’s Trusted Access for Cyber (TAC) program, giving our research and security teams access to GPT‑5.4‑Cyber, OpenAI’s cyber-permissive model for verified defenders, to improve CVE discovery and prioritization. The outcome is simple: identify and mitigate vulnerabilities at machine speed to protect against the new scale and speed of agentic attacks.

Why TAC Matters: Using Frontier AI to Stay Ahead of Emerging Risk

With Zero Trust initiatives, enterprises reduced exposure by restricting access and keeping critical applications off the public internet. But attacks still find a path in, whether through vulnerabilities, misconfigurations, or third parties. The next challenge is how to quickly detect what’s getting through and stop it, fast.

Programs like OpenAI’s TAC—alongside industry efforts such as Project Glasswing—create a trusted way for verified defenders to apply frontier AI to cyber defense. For Cato, this means earlier signals on new vulnerabilities and attacker tradecraft—so we can validate risk sooner and deliver protections to our customers before threats become widespread.

Agentic AI further compresses timelines. Attackers can use automated agents to find and exploit weaknesses faster, at greater scale, and with less specialized talent—changing the economics of cyber offense. As our CEO, Shlomo Kramer, noted, we’re entering a period where advanced models accelerate attack and defense cycles. Expect faster, more coordinated campaigns that run continuously and adapt in near real time.

In this environment, the advantage lies in quickly converting new threat insights into enforced protection. AI can accelerate research, triage, and validation—but the business outcome depends on execution, the deployment of those protections. Time to protect is the metric that matters: How long it takes to reduce real exposure after a new risk is identified.

Closing the Gap Between Discovery and Protection

In many legacy environments, patching is slow by design: change control, testing, maintenance windows, and operational risk can stretch remediation from days to weeks. That delay is exactly what attackers monetize—often long after a fix exists.

With Cato, enterprises eliminate many of the delays associated with patching. Cato minimizes time-to-protect by turning threat insight into controls that can be enforced quickly, consistently, and at scale. The Cato platform unifies network and security telemetry to improve correlation, making protections more precise. Using Cato Dynamic Prevention, those protections continuously adapt in real time based on live runtime telemetry and are enforced in-line as attacks develop. Because Cato is delivered as a cloud-native platform with continuous upgrades, mitigations can be deployed broadly without waiting for endpoint-by-endpoint patch cycles, shrinking exposure windows with less operational overhead. At the same time, convergence reduces policy fragmentation and enforcement blind spots that attackers and automated agents can exploit, improving resilience while simplifying operations.

Cato also uses agentic AI across engineering and security workflows to improve software quality and incident response. Our frontier-model-powered agents flag 43% of incident-causing pull requests (PRs) before production and surface about 7,000 high and critical issues each month. The combination of which helps our teams save time when resolving incidents.

Frontier AI will raise expectations for every security program. Traditional patch SLAs will matter less than measurable exposure reduction: the ability to validate risk quickly, enforce controls inline, and demonstrate that protections are working across the business.

Cato already takes this approach with Rapid CVE Mitigation, deploying virtual patches that can block exploit traffic in hours, not weeks. TAC extends that advantage: frontier AI can surface new risk sooner and improve defensive learning, while Cato’s architecture turns those insights into protection quickly—with the context and control enterprises need.

What This Means for Executives

Joining OpenAI’s TAC reinforces Cato’s commitment to AI-driven defense—and to helping customers manage risk as the threat landscape speeds up. It gives us a trusted way to evaluate how frontier AI can improve early warning, vulnerability prioritization, validation, and the feedback loops required to keep controls effective.

For CISOs, the priority is straightforward: reduce exposure faster than adversaries can exploit it. That requires visibility you can trust, controls you can enforce consistently, and operations that don’t slow down when the next critical vulnerability hits.

Cato brings these pieces together—frontier AI access through TAC (and other alliances), Cato CTRL research, and the Cato SASE Platform—grounded in shared network and identity context, runtime telemetry, and inline enforcement. The goal is simple: close the gap between discovery and protection.

That gap will define the next era of cyber defense. As AI accelerates discovery and exploitation, resilience will come down to how quickly you can translate insight into action. Cato joining OpenAI’s Trusted Access for Cyber is an important step in helping customers do exactly that.