Cato Networks Unveils Safe TLS Inspection, Redefining Encrypted Traffic Monitoring  

November 19th, 2024

 Cato automates TLS inspection, improving security posture and saving IT weeks of work  

TEL AVIV, Israel, November 19, 2024 Cato Networks, the SASE leader, today announced the launch of Cato Safe TLS Inspection, a groundbreaking solution that redefines how enterprises inspect encrypted traffic. With a new data-driven, automated engine added to the Cato SASE Cloud Platform, TLS inspection enablement becomes dramatically simpler, faster, and risk-free, addressing a long-standing network security challenge.  

Only a fraction of today’s enterprises fully inspect TLS flows due to the operational burden and risk imposed by such action. Failure to inspect TLS flows increases the likelihood of a cyberattack. With today’s announcement, Cato becomes the first Single-vendor SASE Leader to automate the enabling of TLS inspection, saving IT teams weeks of work without the risk of disrupting business applications. 

“IT security vendors continue to tout new capabilities and functionality, but if leveraging those capabilities is too difficult or complicated for enterprises, then what good are they?” said Shlomo Kramer, co-founder and CEO at Cato Networks. “Cato was founded on the belief that IT security should become easier, more agile, and more intelligent through the power of convergence. Safe TLS Inspection embodies that philosophy, enabling enterprises to take advantage of the full power of a SASE platform painlessly.” 

Benefits of Cato Safe TLS Inspection 

With visibility into encrypted cloud application traffic, CIOs, CISOs, and their teams can now: 

  • Improve Their Security Posture by reducing the attack surface, uncovering hidden threats in encrypted traffic, and preventing sensitive data loss by gaining full visibility into cloud application traffic. 
  • Reduce Operational Overhead by eliminating the manual configurations and ongoing maintenance required by traditional TLS inspection solutions, freeing up IT resources and reducing technical debt. 
  • Enhance Compliance by automatically recommending inspection bypass rules for applications and domains pertaining to specific sectors, such as healthcare, financial, and government sectors, while continuing to inspect other flows. 

Overall, Cato Safe TLS Inspection allows IT teams to better secure cloud applications, deliver compliance-driven data protection, and enhance security for remote and hybrid workforces. 

Enterprise Security Blind Spots: The Risk of Skipping TLS Inspection 

With over 85% of all websites using HTTPS, IT teams must inspect TLS traffic to prevent data loss and stop advanced threats from reaching users, applications, or sensitive company resources. However, in our experience, many enterprises forgo inspecting TLS traffic partly or entirely because inspection risks disrupting application performance and places an ongoing management burden on IT teams. 

TLS inspection helps to detect and block malware, unauthorized data access, and policy violations within secure channels. In the Q3 2024 Cato CTRL SASE Threat Report, which was also released today, Cato CTRL (Cyber Threats Research Lab) found that only 45% of participating organizations enable TLS inspection. Even worse, only 3% of organizations inspect all relevant TLS-encrypted connections. Overall, Cato CTRL found that organizations that enabled TLS inspection blocked 52% more malicious traffic than organizations without TLS inspection.   

Effortless TLS Inspection is Essential for Better Security Posture  

With Safe TLS Inspection, Cato eliminates the complexity and risk of inspecting encrypted sessions. By harnessing the vast amount of real-time traffic data and deep application intelligence of the Cato SASE Cloud Platform, Cato proactively recommends precise TLS inspection or bypass rules tailored to each customer’s unique traffic patterns. In minutes, IT teams can implement essential TLS inspection rules that would otherwise require weeks of tedious application and domain research.    

Safe TLS Inspection is powered by Cato’s unique crowdsourced approach to application analysis. The Cato SASE Cloud Platform continuously monitors the behavior of TLS-encrypted traffic across the networks of its thousands of customers. As applications establish or fail to establish a TLS connection, Cato updates the Cato application library. This collective intelligence builds a rapidly expanding, dynamic library of safe-to-inspect TLS-encrypted applications and domains. The library now surpasses 10,000 entries and grows by several hundred applications each week.   

Solving for challenges that have long hindered TLS inspection, Cato Safe TLS Inspection eliminates the operational burden of manually managing bypass lists, ensuring encrypted traffic can be inspected seamlessly without disrupting the user experience. 

Availability 

Cato is making Safe TLS Inspection available to all customers globally at no additional charge as part of the Cato SASE Cloud Platform. To learn more about Cato Safe TLS Inspection, visit https://www.catonetworks.com/blog/how-cato-is-transforming-encrypted-traffic-security/

Resources 

About Cato Networks 

Cato Networks delivers enterprise security and networking in a single cloud platform. The SASE leader creates a seamless and elegant customer experience that effortlessly enables threat prevention, data protection, and timely incident detection and response. With Cato, organizations replace costly and rigid legacy infrastructure with an open and modular SASE architecture based on SD-WAN, a purpose-built global cloud network, and an embedded cloud-native security stack.  

Want to learn why thousands of organizations secure their future with Cato? Visit us at www.catonetworks.com

  

Media Contact 

Cato Communications 

press@catonetworks.com