Cato Networks, delivering the leading network security platform for the AI era, today announced what it believes to be a new world record for CVE mitigation, reducing time-to-protect for newly disclosed vulnerabilities to 45 minutes. Traditional CVE mitigation needs weeks to move from disclosure to protection, a window that Cato previously compressed to just hours due to its software architecture. With new agentic threat research, Cato reduces this gap even further, helping organizations protect against emerging exploits at machine speed.
Traditional appliance-based security depends on a slow customer-operated patching cycle: vendors develop protections, customers receive updates, teams test them, and thousands of distributed appliances must be upgraded or configured. In the AI era, that model cannot keep pace with exploit velocity.
“Attackers move in minutes. Appliance-centric security still moves in patch cycles,” said Shlomo Kramer, co-founder and CEO of Cato Networks. “Cato closes the gap by turning new CVE intelligence into protections deployed globally across our cloud service, with zero customer effort. In the AI era, security architecture is no longer a matter of efficiency. It is a do-or-die security decision.”
Cato brings agentic acceleration to a CVE protection lifecycle already proven at cloud scale. For nearly a decade, Cato has monitored CVEs, developed protections, validated efficacy, and deployed updates automatically across the Cato Cloud with near-zero false positives, enabling record setting CVE mitigation even before the development of agentic researchers. Agentic CVE mitigation builds on this proven operating model, using AI agents to accelerate each step of the process and deliver faster protection to customers.
Cato’s agentic CVE mitigation runs the full protection lifecycle with human supervision, but without human involvement:
- Monitor and triage publication of disclosed vulnerabilities from multiple sources
- Extract IoCs and exploit reproduction in a lab environment
- Develop threat signatures based on Cato’s unique and contextual language
- Test and simulate threat signatures to eliminate false positives and disruption
- Deploy threat signature to the global Cato Cloud Platform
Cato’s cloud-native platform is updated automatically, removing the burden of customer-owned patching across a distributed security infrastructure. Cato is uniquely positioned because it brings together the three architectural requirements for agentic security operations: the network to see attacks, the platform to correlate context, and the cloud to enforce protection globally. This combination enables Cato to operationalize security at machine speed.
Read Also: Tanium and Censys Join Forces to Accelerate Continuous Exposure Management in the Age of AI
