Cato SASE Cloud Becomes First SASE Platform with Network-based Ransomware Protection

Machine learning algorithms detect and prevent the spread of ransomware across Cato customer networks, creating a multilayered enterprise ransomware defense

TEL AVIV, Israel, June 21, 2022 /PRNewswire/ --  Cato Networks, provider of the world's first SASE platform, introduced today network-based ransomware protection for the Cato SASE Cloud. Using heuristic algorithms and deep network insight, Cato detects and prevents the spread of ransomware across the enterprise without having to deploy endpoint agents. Infected machines are identified and immediately isolated for remediation.

"Ransomware protection has become job one for every CISO and CIO, but too often enterprise defense strategies remain vulnerable whether by threat actors bypassing endpoint defenses or by manipulating insiders to spread ransomware," says Etay Maor, senior director of security strategy at Cato Networks. "By identifying ransomware by its underlying network characteristics, security teams can protect the enterprise regardless of the threat vector."

Extending Ransomware Protection from the Endpoint to the Network

With today's announcement, Cato's heuristic algorithms inspect all SMB (Server Message Block) protocol flows for ransomware. SMB is the protocol used by Windows to share files and folders.

Cato researchers trained and tested these algorithms against Cato's massive data warehouse, a data lake of end-to-end attributes for all traffic flows processed by the Cato SASE Cloud. Being the network, Cato has visibility into data normally blocked by firewalls and NATs. More than a trillion flows from all Cato-connected edges – sites, users, IoT devices, cloud-connected resources, and the Internet resources – populate Cato's data lake.

Once trained, the machine-learning heuristic algorithms inspect live SMB traffic flows for a combination of network attributes including:

  • File properties such as specific file names, file extensions, creation dates, and modification dates,
  • Shared volumes access data such as metrics on users accessing remote folders,
  • Network behavior such as creating certain files and moving across the network in particular ways, and
  • Time intervals such as encrypting whole directories in seconds.

When ransomware is identified, Cato automatically blocks SMB traffic from the source device, preventing lateral movement or file encryption, and notifies the customer.  

To see a short, recorded demo of the Cato's network-based ransomware prevention technology in action visit,

Cato Delivers a Multilayered Ransomware Mitigation Strategy

Today's announcement is just part of Cato's broader, multilayered malware mitigation strategy of disrupting attacks across the MITRE ATT&CK framework.  As part of this strategy, Cato security researchers follow the techniques used by ransomware groups, updating Cato's defenses, and protecting enterprises against exploitation of known vulnerabilities in record time.

For more information about how Cato can protect your company from ransomware and other network-based threats, visit: 

About Cato Networks

Cato provides the world's first SASE platform, converging SD-WAN and network security into a global, cloud-native service. Cato optimizes and secures application access for all users and locations. Using Cato, customers easily migrate from MPLS to SD-WAN, optimize connectivity to on-premises and cloud applications, enable secure branch Internet access everywhere, and seamlessly integrate cloud datacenters and remote users into the network with a zero-trust architecture. With Cato, the network, and your business, are ready for whatever's next.


View original content to download multimedia:

SOURCE Cato Networks

Posted In: New Products/ServicesPress Releases

Ad Disclosure: The rate information is obtained by Bankrate from the listed institutions. Bankrate cannot guaranty the accuracy or availability of any rates shown above. Institutions may have different rates on their own websites than those posted on The listings that appear on this page are from companies from which this website receives compensation, which may impact how, where, and in what order products appear. This table does not include all companies or all available products.

All rates are subject to change without notice and may vary depending on location. These quotes are from banks, thrifts, and credit unions, some of whom have paid for a link to their own Web site where you can find additional information. Those with a paid link are our Advertisers. Those without a paid link are listings we obtain to improve the consumer shopping experience and are not Advertisers. To receive the rate from an Advertiser, please identify yourself as a Bankrate customer. Bank and thrift deposits are insured by the Federal Deposit Insurance Corp. Credit union deposits are insured by the National Credit Union Administration.

Consumer Satisfaction: Bankrate attempts to verify the accuracy and availability of its Advertisers' terms through its quality assurance process and requires Advertisers to agree to our Terms and Conditions and to adhere to our Quality Control Program. If you believe that you have received an inaccurate quote or are otherwise not satisfied with the services provided to you by the institution you choose, please click here.

Rate collection and criteria: Click here for more information on rate collection and criteria.