Cato Networks extends SASE platform with XDR, EPP capabilities

Cato Networks today announced it expanded its cloud-based SASE platform to also offer extended detection and response (XDR) and endpoint protection platform (EPP) capabilities that will enable security teams to consolidate security tools and streamline security incident detection, prevention, and resolution.

“Business has become much more fluid. Everything is anywhere. A form factor for the business needs to be fluid, and what’s fluid? A cloud network,” says Schlomo Kramer, Cato Networks CEO and co-founder. Cato set out to embed network security in the cloud network, “providing simplicity and guardrails,” Kramer says. “Now we are simplifying and reducing the cost of running security while providing the agility to address fast-moving business requirements.”

Cato is part of a growing market of secure access service edge (SASE) providers, which Gartner defines as those that deliver multiple converged network and security-as-a-service capabilities, such as software-defined WAN, secure web gateway, cloud access security broker, network firewalling, and zero trust network access. Cato is adding to its SASE platform with additional security-based capabilities that Kramer says customers need most now.

“We look at our customers and what they need to do: They need to reduce the attack surface,” Kramer says. Enterprises need to understand the risks and their exposure, “and we provide what they need to prevent attacks based on policy,” he says. “EPP is fully integrated into the platform in such a way that allows a single decision to take into account what happens on the endpoint in the network.”

Cato SASE Cloud runs on a private global backbone of more than 75 points of presence (PoPs) connected via multiple SLA-backed network providers. The PoPs software continuously monitors the providers for latency, packet loss, and jitter to determine in real-time the best route for every packet. Cato applies optimization and acceleration to all traffic going through the backbone to enhance application performance and the user experience. To ensure all locations benefit, Cato optimizes traffic from all the edges and toward all destinations—on premises and in the cloud.

Customers report that consolidating security functionality into fewer tools helps them gain better visibility and speed up incident response times. Redner’s Markets, an employee-owned supermarket chain with 75 locations headquartered in Reading, Pa., is an early adopter of the now generally available XDR capabilities in the Cato SASE Cloud platform. Nick Hidalgo, vice president of IT and Infrastructure at Redner’s Markets, says that even while using tools from other vendors, he already sees the benefit of Cato’s added XDR capabilities.

“The Cato XDR news is great. Currently, we are using XDR solutions from other vendors. The Cato XDR can see everything native on the network. No need to push feeds or APIs,” Hidalgo explains. “Having this capability now baked into our Cato SASE Cloud fabric will now be a game changer. Once automation and endpoint data are added we should have a self-defending network, which is every IT leader’s dream.”

Industry watchers have been touting security tools and capability consolidation for some time, with the advent of SASE and other cloud-based technologies. According to a Gartner survey of 418 respondents, “57% of organizations are working with fewer than 10 vendors for their security needs, as they are looking to optimize to fewer vendors in key areas like [SASE] and [XDR].” While about 30% of organizations reported consolidating security tools was an effort to reduce spending on licensing, 65% of organizations said they consolidated to improve risk posture, Gartner says.

“Security and risk management leaders must consider XDR and SASE as compelling options to start their consolidation journey,” said Dionisio Zumerle, VP analyst at Gartner, said in a statement. “SASE provides secure enterprise access, while XDR focuses on detecting and responding to threats through increased visibility on networks, cloud, endpoints, and other components.”