Cato Networks Expands the SASE Cloud Platform with Incident Response Tools

Cato Networks, a leader in SASE, is expanding the Cato SASE Cloud platform with threat detection and incident response, introducing Cato XDR—a SASE-based, extended detection and response (XDR) solution

Available immediately, Cato XDR utilizes the functional and operational capabilities of the Cato SASE Cloud to overcome the protracted deployment times, limited data quality, and inadequate investigation and response experience too often associated with legacy XDR solutions, according to the company.

Cato is also offering Cato EPP, a SASE-managed endpoint protection platform (EPP/EDR). SASE's security capabilities encompassed threat prevention and data protection in a common, easy-to-manage, and easy-to-adopt global platform.

With this release, Cato is expanding SASE into threat detection, incident response, and endpoint protection without compromising on the architectural elegance captured by the original SASE definition, according to the company.

“Cato SASE continues to be the antidote to security complexity,” said Shlomo Kramer, CEO and co-founder of Cato Networks. “Today, we extend our one-of-a-kind SASE platform beyond threat prevention and into threat detection and response. Only Cato and our simple, automated, and elegant platform can streamline security this way.”

Cato XDR takes full advantage of the benefits of the Cato SASE Cloud platform, a platform built from the ground up to enable enterprises to connect, secure, and manage sites, users, and cloud resources anywhere in the world. 

Unlike disjointed point solutions and security appliances, Cato capabilities are instantly on, always available at scale, and fully converged, giving IT teams a single, shared context worldwide to understand their networks, prevent threats, and resolve problems, according to the company.

As an autonomous platform, Cato SASE Cloud sustains its evolution, resiliency, optimal performance, and security posture, saving enterprises the operational overhead of maintaining enterprise infrastructure. Enterprises simply subscribe to Cato to meet their business needs. 

Cato XDR addresses legacy XDR’s limitations. Instantly activated globally, Cato XDR provides enterprises with immediate insights into threats on their networks, according to the company.

Incident detection is accurate due to Cato’s many native sensors—NGFW, advanced threat prevention (IPS, NGAM, and DNS Security), SWG, CASB, DLP, ZTNA, RBI, and now EPP/EDR.

Powered by Bitdefender’s world-leading malware prevention technology, Cato EPP protects endpoints from attack—in the Cato way. Endpoint threat and user data are stored in the same converged Cato data lake as the rest of the customer’s network data, simplifying cross-domain event correlation. 

Remediation times reduce as detected incident stories contain the relevant information for in-depth investigation.

Cato’s tools sit in the same console as the native engines, enabling security analysts to view everything in one place—the current security policy and the reviewed story.

The Cato XDR dashboard provides a high-level overview of threats in the customer’s network.

Finally, incident reporting is simplified with generative AI. Purpose-built for investigations, this natural language engine provides human-readable explanations of incident stories. Analysts save time sharing incident information with other teams and reporting to their managers, according to the company. 

For more information about this news, visit