Cato Automates Threat Intelligence Feed Assessment, Eliminating False Positives

An internal study of 400+ Cato customers over a three-month period shows a total of 7 false positives per month. Statistically, most Cato customers never experience a false positive.

Cato Networks, provider of the world’s first SASE platform, announced today the first purpose-built reputation assessment system to combine threat intelligence and real-time network information, practically eliminating the false positive (FP) alerts that have long crippled IPS solutions. The system’s unique algorithmic crowdsourcing technology continuously processes millions of reputation records and automatically updates Cato Cloud, delivering enterprises up-to-date protection without any overhead or intervention.

“Security analysts face a daily flood of security alerts, most of which are simply irrelevant,” says Elad Menahem, Director of Security at Cato Networks. “These false positives result in alert fatigue that leads security professionals to block access to legitimate business resources or simply disable their defenses, increasing the risk of infection. Using artificial intelligence and machine learning algorithms, Cato’s fully automated system solves this problem, allowing them to focus their efforts on stopping genuine threats.”

Machine Learning Models Leverage Deep SASE Context to Isolate False Positives

The lack of visibility into the broader attack landscape has long constrained the industry when identifying new attacks. Security providers only have access to security data, the Indicators of Compromise (IoCs), of threats stopped by their products. Traditional ISPs have network visibility, but they lack security insight. Enterprises remain constrained by both.

Threat intelligence services fill this gap, collecting IoCs of suspected malicious IP addresses, URLs, and domains from across the Internet. However, the variability in the accuracy of threat intelligence feeds has left enterprises blocking legitimate destinations, interfering with the very business process defended by security systems. As one recent academic paper analyzing threat intelligence feeds concluded, “…[There are] questions on the coverage that services of these vendors actually provide.”1

Cato’s reputation assessment system eliminates false positives in threat intelligence feeds by leveraging the convergence of security and networking information in its SASE platform. Cato ingests more than 5 million IoCs from nearly 200 open source and commercial threat intelligence sources. IoCs are then scored, and false positives are identified and eliminated using real-time network intelligence gathered by machine-learning models mining Cato’s comprehensive data warehouse of SASE flow metadata.
