Cato Unveils First SD-WAN With Revolutionary, Cloud-based Threat Hunting System
Posted: Wed May 23, 2018 12:17:48 PM
Cato leverages zero-footprint data aggregation, machine learning algorithms, and cross-enterprise traffic visibility to accurately pinpoint threats and dramatically reduce dwell time
TEL AVIV, Israel, May 23, 2018 – Cato Networks, provider of Cato Cloud, the world’s first secure, global SD-WAN as a service, announced today a revolutionary approach for hunting threats on enterprise networks. Cato Cloud serves as the virtual cloud network for hundreds of organizations connecting and securing all branch locations, mobile users, and physical and cloud datacenters. The Cato Threat Hunting System (CTHS), built into the Cato Cloud, leverages the rich traffic context and unobscured network and endpoint visibility to accurately pinpoint threats and dramatically reduce dwell time. CTHS represents the first time that threat hunting is done without deploying a dedicated and costly data collection infrastructure within the enterprise.
“As an industry, our ability to detect threats has been significantly hampered by the complexity of collecting granular, relevant data over time and applying the right analytics and people to interpret that data,” says Gur Shatz, co-founder and CTO of Cato Networks. “Virtual cloud networks, such as Cato Cloud, enable effortless access to such data, empowering our proprietary software and world-class SOC to hunt for threats on customer networks.”
Threat Hunting System At The Core Of Cato Cloud
Existing approaches to threat hunting combine end-point and network detection, third-party event logs, SIEM platforms, and managed detection and response services. These approaches are challenged on several fronts. First, sensors have to be deployed to collect raw data. Enterprises must ensure sensors intercept all relevant traffic in branches, datacenters and the cloud. Endpoint sensors complement network sensors, but can’t be deployed on all edge devices (i.e. IoT devices). Second, logs fed into SIEM platforms lack the full network context, limiting their value for threat hunting. Finally, most organizations lack the skills and resources to analyze the data and identify persistent threats.
CTHS, built into Cato Cloud, overcomes the cost and complexity of existing approaches to accurately detect threats. CTHS has the following capabilities:
“The network, threat and application data available through the Cato Cloud is an analyst goldmine,” says Elad Menahem, head of security research at Cato Networks. “Using CTHS and its machine learning algorithms trained with data from hundreds of enterprise networks, we’ve been able to focus on the few security events that matter and identify malware infections in minutes.”
CTHS creates a deep threat-hunting foundation that powers all Cato security services; without it, customers would be required to deploy data collection infrastructure or analyze mountains of raw data. At the same time, CTHS adheres to privacy regulatory frameworks such as GDPR. With CTHS and Cato Cloud, enterprises of all sizes continue their journey to streamline and simplify network and security.
Cato Researchers Present CTHS At Infosecurity Europe
Details of CTHS will be presented by Elad Menahem, head of security research, and Avidan Avraham, security researcher, at Cato, at the upcoming Infosecurity Europe show.
The Tech Talk, entitled “Improved C&C Traffic Detection Using Multidimensional Model and Network Timeline Analysis,” will occur on Wednesday, 6th June, at 16:00 – 16:25 in London.