Cato Networks Cuts Vulnerability Protection Time to 45 Minutes with AI‑Driven Agentic Threat Research
What Happened – Cato Networks announced a new “agentic threat research” capability that automatically ingests newly disclosed CVEs, creates mitigations, validates them and deploys the protections across its global cloud platform within 45 minutes of disclosure. The process is AI‑driven, runs with human supervision, and requires no manual patching or configuration by customers.
Why It Matters for TPRM –
- Reduces the window of exposure for third‑party services that rely on Cato’s SASE platform.
- Demonstrates a vendor’s ability to keep pace with the accelerating CVE submission rate driven by frontier AI models.
- Sets a new benchmark for time‑to‑protect that can be used in vendor risk assessments and contractual SLAs.
Who Is Affected – Enterprises that consume Cato’s cloud‑native network security services (SASE, SD‑WAN, secure web gateway) across any industry, especially those with high‑value data and strict compliance requirements.
Recommended Actions –
- Review your contract and service‑level agreements with Cato to confirm the 45‑minute protection claim is reflected in security obligations.
- Validate that your internal monitoring tools ingest Cato’s protection status feeds.
- Incorporate the reduced time‑to‑protect metric into your third‑party risk scoring model.
Technical Notes – The capability leverages AI agents to monitor CVE feeds, extract indicators of compromise, generate signatures, test for false positives and push updates automatically to the Cato Cloud. No specific CVE or vulnerability is disclosed; the improvement applies to any newly published vulnerability. Source: Help Net Security