Cato Networks Delivers Instant Visibility and Control of Cloud Application Data Risk
Cato converges a full CASB into its global SASE platform to defend enterprises against data breach and cloud-delivered threats.
Tel Aviv, Israel – February 1, 2022 — Cato Networks, provider of the world’s first SASE platform, introduced today Cato CASB, the first Cloud Access Security Broker (CASB) to deliver actionable value in under 60 minutes. Along with the Cloud Application Catalog launched last month, Cato provides the quickest to deliver and easiest to run solution for managing cloud application data risk.
“CASB addresses a critical visibility and control gap created by cloud migration but must be converged into a broad SASE platform to be truly effective across the business,” said Shlomo Kramer, co-founder and CEO of Cato Networks, “We’ve done just that with Cato CASB. By building Cato CASB into the Cato SPACE engine, it can leverage the global footprint, rich context, cloud scalability, and self-healing and self-maintenance underpinning the Cato SASE Cloud. Cato CASB is just the latest example of high impact, high value capabilities that are effortless to deploy and use.”
SASE: The Cato Difference
With Cato CASB, Cato brings the benefits of a true SASE platform to the challenge of managing cloud application risk. Legacy, stand-alone CASB solutions require extensive planning and deployment times that can take several months. By contrast, Cato CASB is instantly available offering full visibility and control of cloud application access –immediately.
As part of Cato SASE Cloud, Cato CASB is available worldwide from 70+ locations for every site or user accessing any cloud application. This broad footprint enables optimized enforcement of corporate policies on all cloud access without introducing high latency, even when accessing cloud applications across geographical regions. Legacy CASB solutions coverage vary by location or available capabilities.
And Cato CASB taps the full power of Cato’s multi-layer threat defense. Cloud-based file access is inspected by Cato advanced anti-malware and IPS engines. Access control to locations and resources are limited through Cato NGFW and SWG. With legacy CASB, all of those components would be additional, requiring integration and deployment.
The Four Steps to Managing Cloud Application Risk
More specifically, with today’s announcement, Cato addresses all four stages for managing cloud application data risk — visibility, assessment, enforcement, and protection.
Visibility: The New Shadow IT Dashboard
Cato is introducing a new Shadow IT dashboard that provides a bird’s eye view of aggregate SaaS usage including number of total and high-risk applications, list of the highest risk applications, number of users accessing them, as well as distribution by risk.
Assessment: The Cato Application Credibility Engine (ACE)
Having identified unauthorized applications, IT leaders must assess their risk before deciding if they should be blocked, controlled, or allowed. Cato has built a unique Application Credibility Engine (ACE) which automates data collection from several sources to enable a quick and accurate assessment of each application. Three vectors are aggregated together for a comprehensive analysis – general company information, compliance features, and security capabilities.
Machine learning algorithms operating against Cato’s massive data lake of flow metadata analyzing the actual features applications exhibit on the network. Currently, Cato regulatory compliance verification includes HIPAA, PCI, and SOC 1-3. Security feature verification includes MFA, encryption of data at rest, and SSO.
Enforcement: Cato CASB Rules Define Access Policies
Having discovered unauthorized applications on their networks and been able to assess their risk, IT leaders must now decide how they want to respond. With Cato CASB, they gain fine-grained access over the application. The rules allow them to define the matching criteria, the specified action to be taken in case the rule applies, the associated severity level, and whether an alert or event should be generated.
Protection: Cato Detects and Blocks Threats and Breaches
The last stage is ensuring the protection of SaaS usage. Cato’s SASE achieves this through the convergence of its security tools. All SaaS traffic is processed by multiple security tools — NGFW, SWG, IPS, and NGAM. Together, these tools provide comprehensive protection from a wide array of threats.
About Cato Networks
Cato provides the world’s first SASE platform, converging SD-WAN and network security into a global, cloud-native service. Cato optimizes and secures application access for all users and locations. Using Cato, customers easily migrate from MPLS to SD-WAN, optimize connectivity to on-premises and cloud applications, enable secure branch Internet access everywhere, and seamlessly integrate cloud datacenters and remote users into the network with a zero-trust architecture. With Cato, the network, and your business, are ready for whatever’s next. CatoNetworks.com @CatoNetworks.
T +972 73-316-474
T: +44 (0)7854 841 892