Cato Networks has launched an innovative auto-adaptive threat prevention engine designed to thwart multi-stage cyberattacks before they inflict damage. This capability, known as Cato Dynamic Prevention, integrates with the vendor’s secure access service edge (SASE) platform.
The new engine intelligently analyzes behavioral patterns over time and correlates data across multiple security controls to identify and mitigate suspicious activities earlier in the attack chain. According to Lior Cohen, vice president of product management at Cato Networks, the engine adapts to the threat landscape by understanding user behavior within context. It predicts the next moves of cyber attackers, applying protective measures that minimize impact only to legitimate threats.
Cato Dynamic Prevention continuously monitors activities across users, devices, and sites, enabling it to automatically impose adaptive controls when it detects behaviors associated with threats—without needing manual intervention from IT teams. This proactive approach targets threat actors who utilize legitimate credentials and established tools, distributing their attacks over longer periods.
To illustrate the engine’s effectiveness, Makiko Yamada, product marketing manager at Cato Networks, explained that many legacy security tools focus on detecting singular, obvious threats rather than recognizing the cumulative low-level actions that modern attackers often employ. The adaptive threat prevention engine brings a shift in strategy by emphasizing correlation of actions that occur together, providing comprehensive protection against diverse attack vectors.
The functionality of Dynamic Prevention is grounded in Cato’s cloud-native SASE architecture, which leverages data from various built-in security services like intrusion prevention, anti-malware, and data loss prevention. The ability to create a unified view allows for deeper contextual understanding, enhancing the accuracy of threat detection.
Dynamic Prevention is available now as part of the Cato SASE Cloud Platform, which operates on a private global backbone consisting of over 90 points of presence linked through multiple SLA-backed networks.
