Security, Compliance and Privacy | Cato Networks

Security, Compliance and Privacy

Cato converges SD-WAN and network security into a single cloud service, empowering enterprises to deliver optimized and secure application access to all users and locations. Leveraging Cato Cloud, enterprises can replace the complexity of multiple legacy point products with a simple, agile and secure global network. We are committed to support our customers’ business transformation with a cloud-native network that is designed for the digital era. This is why we built the world’s first SASE platform, designed with security, privacy and transparency in mind, and compliant with leading industry standards. Please visit our Security Trust Center for more information about our security certifications, security documentation, and compliance information.

SOC 1,2,3

As part of Cato’s commitment to customer data security, Cato holds SOC1, SOC2 and SOC3 certifications, which are independently validated by a third party. These certifications further demonstrate Cato’s secure and reliable strategy to ensure the confidentiality of services, processes and data.
PCI-DSS Certified Level 1 Service Provider

Cato is PCI-DSS Level 1 certified. This is the Security Standards Council’s highest certification for securing payment data and confirms that Cato SASE Cloud delivers an enterprise-grade security framework that meets the rigorous standards required to safeguard user data for retail and financial organizations.
ISO27001

Cato is ISO/IEC 27001:2013 certified, validating the company’s risk-based approach for implementing, maintaining and continually improving its Information Security Management System (ISMS). This also indicates Cato’s compliance with best practices for identifying, assessing, evaluating and treating information security risks.
ISO27017

Cato achieved ISO/IEC 27017:2015 certification. This certification addresses cloud-related information security risks and threats and attests that Cato’s services are in alliance with internationally recognized best practices.
ISO27018

Cato is ISO/IEC 27018:2019 certified. This certification provides guidance for cloud service providers in assessing and implementing advanced controls to safeguard Personally Identifiable Information (PII).
ISO27701

Cato is ISO/IEC 27701:2019 certified and committed to improving its Privacy Information Management System (PIMS).
This standard outlines a framework for managing data privacy for Controllers and Processors of Personally Identifiable Information (PII).
Cyber Essentials

Cato’s service and company complies with the UK Cyber Essentials requirements set forth by the British National Cyber Security Center. Cyber Essentials is an effective, government backed scheme that helps organizations protect themselves from a range of the most common cyber attacks.
CSA STAR

Cato’s service and company participated in the voluntary CSA Security, Trust, Assurance , and Risk (STAR) Self-Assessment to demonstrate its adherence to CSA’s recommended security practices. Cato’s CSA Consensus document is available on the CSA website.
GDPR

Cato is GDPR compliant, following the privacy-by-design principles and operating in accordance with all applicable laws to guarantee customers the right for privacy.
ISO14001

Cato is ISO/IEC 14001:2015 certified, a globally accepted Environmental Management System (EMS) standard. This certification enables Cato to improve its environmental performance, minimize waste generation, conserve resources, and ensure compliance with relevant environmental regulations.

Need to report a vulnerability?

Security advisoires