Cato Networks Launches Auto-Adaptive Threat Prevention in SASE

Cato Networks has introduced what it calls the world’s first auto-adaptive threat prevention engine built directly into a SASE platform. With the launch of Cato Dynamic Prevention, the company aims to help enterprises proactively stop advanced threats that increasingly rely on legitimate tools, valid credentials, and low-signal activity to evade traditional defenses. By continuously analyzing behavior in full context, Cato enables organizations to block malicious activity early without adding operational complexity or requiring manual SOC intervention.

Unlike traditional security tools that focus on isolated events, Cato Dynamic Prevention correlates months of activity across its global sensor network. It evaluates signals from inline controls such as DLP, IPS, and NGAM, along with out-of-band engines, to identify subtle attack patterns that would otherwise appear benign. Once the system detects malicious behavior, it automatically enforces adaptive restrictions across related actions tied to the same threat actor. As a result, enterprises can contain threats before they escalate into full-scale breaches.

Cyber Technology Insights: Stellar Cyber and Cato Networks Deliver AI-Driven SecOps on Cato SASE Platform

“From a CISO perspective, the biggest risk today is that advanced attacks don’t arrive as a single event. They develop quietly over time, spread across users, sites, and systems, and exploit the gaps between disconnected tools,” said Giles Ashton-Roberts, chief information security officer at Swissport International AG, a global leader in airport ground services and air cargo handling with 360+ sites, Microsoft Azure and Amazon Web Services (AWS) instances, and 26,000+ users on the Cato SASE Platform.

“At Swissport, we operate in a truly always-on environment. There’s no downtime when you’re supporting hundreds of airport locations across the globe,” said Ashton-Roberts. “In that kind of environment, delayed detection directly impacts our ability to respond. The Cato Dynamic Prevention launch is emblematic of why unifying all security and networking signals into a single platform matters, because only with that level of visibility and context can security teams respond fast enough to stop threats before they disrupt critical operations.”

Today’s advanced threat landscape continues to evolve rapidly. Attackers increasingly blend malicious actions into normal enterprise workflows, spreading low-risk activities over time to avoid detection. Consequently, traditional point solutions operating in silos struggle to connect these subtle indicators across users, hosts, and networks. Even when threats are eventually identified, response efforts are often reactive and manual, allowing attackers to persist, move laterally, and expand their impact.

Industry research highlights this growing gap. According to Gartner®, “61% of enterprises lack full-time threat hunting experts and rely on reactive analysts repurposing their time, leaving teams underfunded, misaligned, and vulnerable.” This shortage of proactive expertise further emphasizes the need for automated, context-aware threat prevention.

Cyber Technology Insights: Cato Networks Unveils First SASE-Native Policy Engine to Transform Security Operations Globally

Cato Dynamic Prevention directly addresses this challenge. By continuously correlating long-term activity patterns in real time, the platform identifies behavior-based threats that bypass traditional inspection methods. Furthermore, it dynamically adapts enforcement policies to block high-risk actions instantly minimizing exposure without disrupting legitimate business operations.

As a result, organizations benefit in several key areas. First, they reduce risk exposure by stopping malicious activity at earlier stages. Second, they strengthen their overall security posture by proactively defending against the misuse of legitimate tools and emerging attack techniques. Finally, they improve IT and SOC efficiency by reducing false positives and manual investigations, allowing teams to focus on strategic security priorities rather than reactive firefighting.

“Enterprises are already struggling to stop advanced threats that unfold quietly over time, and with the explosion of AI and autonomous agents, the threat landscape is accelerating exponentially. Threat actors abuse trusted tools and valid credentials, knowing most defenses still analyze isolated events and rely on humans to connect the dots for more complex attack chains,” says Lior Cohen, vice president of product management, security and management at Cato Networks. “Cato Dynamic Prevention changes the game by continuously understanding behavior in context, predicting the threat actor’s next move, and enforcing protection automatically that would only impact true positive threats. As a result, this stops potential threats before a breach ever takes shape.”

With this launch, Cato Networks reinforces its position as a SASE innovator, delivering a unified platform that integrates networking and security intelligence. As advanced threats become more persistent and AI-driven, enterprises increasingly require automated, adaptive protection that operates at scale and in real time.

Cyber Technology Insights: Cato Networks Adds GenAI Security to CASB to Tackle Shadow AI Risk

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com

Tags: advanced threats, behavior-based threats, Cato Networks, security tools, Threat Landscape

CyberTech Staff Writer

CyberTech Staff Writer is a seasoned cybersecurity expert and analyst with over 20 years of experience in IT security and networking. Passionate about safeguarding digital landscapes, they specialize in identifying, assessing, and reporting cyber threats and best practices to help enterprises prevent and recover from cyber disasters. Their expertise covers cloud security, application security, ransomware assessment, threat intelligence, incident response, Zero Trust Network Access (ZTNA), and more. As a recognized thought leader in the cybersecurity community, the CyberTech Staff Writer collaborates to deliver insightful, actionable content that empowers organizations to build strong, proactive defenses against evolving cyber threats.