Cato Networks to Spotlight Emerging Trends in Threat Landscape at RSAC 2026 Conference

Cato CTRL to expose the realities behind today’s advanced attacks—from OPSEC failures to AI-powered evasion techniques and more      

TEL AVIV, Israel, March 18, 2026 – Cato Networks, the SASE leader, today announced that Cato CTRL will speak RSAC 2026 Conference in San Francisco.

The sessions featuring Cato CTRL include:

• Monday, March 23 at 1:10 PM PT
  • Session: “The Anatomy of Criminal Failure: Analyzing OPSEC Flaws in Major Takedowns”
  • Description: Criminal enterprises are collapsing due to repeated OPSEC failures, not elite law enforcement tactics. This talk will analyze major takedowns (2023–2025), showing how ego, traceable crypto, reused infrastructure, and identity slips doomed operations like ALPHV, Qakbot, and IntelBroker.
  • Speakers:
    • Etay Maor, vice president of threat intelligence at Cato Networks and member of Cato CTRL
    • Vitaly Simonovich, senior security researcher at Cato Networks and member of Cato CTRL

• Tuesday, March 24 at 2:25 PM PT
  • Session: “Living Under the Radar – Off the Land, Off the Cloud, and Off the AI”
  • Description: Living off the land, living off the cloud, and now living off the AI are NOT separate techniques anymore. This session will demonstrate and dive into the tools and techniques attackers use to remain under the radar, and will show, based on real cases investigated, how this combination of land, cloud, and AI has evolved.
  • Speakers:
    • Etay Maor, vice president of threat intelligence at Cato Networks and member of Cato CTRL
    • Tal Darsan, director of MDR services and member of Cato CTRL

• Wednesday, March 25 at 9:40 AM PT
  • Session: “When Trusted Clouds Turn Malicious: Lumma Stealer’s New Playbook”
  • Description: Lumma Stealer campaigns now abuse legitimate cloud platforms to host fake CAPTCHA pages that trick privileged users into running malicious commands. This session will reveal how trusted clouds are weaponized, why high-access accounts are prime targets, and what defenders must do to spot and stop these attacks.
  • Speaker: Tomer Agayev, staff security researcher at Cato Networks and member of Cato CTRL

To learn more about Cato’s threat intelligence team, visit the Cato CTRL page.

Resources

• [Photo] Etay Maor
• [Photo] Vitaly Simonovich 
• [Photo] Tal Darsan
• [Photo] Tomer Agayev

About Cato CTRL

Cato CTRL (Cyber Threats Research Lab) is the world’s first CTI group to fuse threat intelligence with granular network insight, made possible by Cato’s global SASE platform. By bringing together dozens of former military intelligence analysts, researchers, data scientists, academics and industry-recognized security professionals, Cato CTRL utilizes network data, security stack data, hundreds of security feeds, human intelligence operations, AI (Artificial Intelligence), and ML (Machine Learning) to shed light on the latest cyber threats and threat actors.

About Cato Networks

Cato Networks, a leader in SASE and AI security, delivers secure, zero-trust access everywhere to thousands of customers worldwide. Built for organizations operating across all cloud and hybrid environments, the Cato SASE Platform unifies networking, security, and access, providing them as elastic, modular capabilities that organizations can easily adopt and grow over time. Cato combines the Cato Cloud, a purpose-built global network, with simplified operational experience, all delivered across a robust, AI-driven platform. With Cato, organizations modernize confidently, operate with greater resilience, and innovate faster, without added complexity or risk.

Want to learn why thousands of organizations secure their future with Cato? Visit us at www.catonetworks.com.

Media Contact

Cato Communications
press@catonetworks.com