Cato Networks unveils Safe TLS Inspection for encrypted traffic monitoring

Cato Networks, a SASE provider, today announced the launch of Cato Safe TLS Inspection, a solution that redefines how enterprises inspect encrypted traffic. With a new data-driven, automated engine added to the Cato SASE Cloud Platform, TLS inspection enablement becomes dramatically simpler, faster, and risk-free.

"IT security vendors continue to tout new capabilities and functionality, but if leveraging those capabilities is too difficult or complicated for enterprises, then what good are they?" said Shlomo Kramer, co-founder and CEO at Cato Networks. "Cato was founded on the belief that IT security should become easier, more agile, and more intelligent through the power of convergence. Safe TLS Inspection embodies that philosophy, enabling enterprises to take advantage of the full power of a SASE platform painlessly."

With visibility into encrypted cloud application traffic, CIOs, CISOs, and their teams can now:

• Improve their security posture by reducing the attack surface, uncovering hidden threats in encrypted traffic, and preventing sensitive data loss by gaining full visibility into cloud application traffic.
• Reduce operational overhead by eliminating the manual configurations and ongoing maintenance required by traditional TLS inspection solutions, freeing up IT resources and reducing technical debt.
• Enhance compliance by automatically recommending inspection bypass rules for applications and domains pertaining to specific sectors, such as healthcare, financial, and government sectors, while continuing to inspect other flows.

Overall, Cato Safe TLS Inspection allows IT teams to better secure cloud applications, deliver compliance-driven data protection, and enhance security for remote and hybrid workforces.

With over 85% of all websites using HTTPS, IT teams must inspect TLS traffic to prevent data loss and stop advanced threats from reaching users, applications, or sensitive company resources. However, in our experience, many enterprises forgo inspecting TLS traffic partly or entirely because inspection risks disrupting application performance and places an ongoing management burden on IT teams.

TLS inspection helps to detect and block malware, unauthorized data access, and policy violations within secure channels. In the Q3 2024 Cato CTRL SASE Threat Report, which was also released today, Cato CTRL (Cyber Threats Research Lab) found that only 45% of participating organizations enable TLS inspection. Even worse, only 3% of organizations inspect all relevant TLS-encrypted connections. Overall, Cato CTRL found that organizations that enabled TLS inspection blocked 52% more malicious traffic than organizations without TLS inspection.

With Safe TLS Inspection, Cato eliminates the complexity and risk of inspecting encrypted sessions. By harnessing the vast amount of real-time traffic data and deep application intelligence of the Cato SASE Cloud Platform, Cato proactively recommends precise TLS inspection or bypass rules tailored to each customer's unique traffic patterns. In minutes, IT teams can implement essential TLS inspection rules that would otherwise require weeks of tedious application and domain research.

Safe TLS Inspection is powered by Cato's unique crowdsourced approach to application analysis. The Cato SASE Cloud Platform continuously monitors the behavior of TLS-encrypted traffic across the networks of its thousands of customers. As applications establish or fail to establish a TLS connection, Cato updates the Cato application library. This collective intelligence builds a rapidly expanding, dynamic library of safe-to-inspect TLS-encrypted applications and domains. The library now surpasses 10,000 entries and grows by several hundred applications each week.

Solving for challenges that have long hindered TLS inspection, Cato Safe TLS Inspection eliminates the operational burden of manually managing bypass lists, ensuring encrypted traffic can be inspected seamlessly without disrupting the user experience.

Availability

Cato is making Safe TLS Inspection available to all customers globally at no additional charge as part of the Cato SASE Cloud Platform. To learn more about Cato Safe TLS Inspection, visit https://www.catonetworks.com/blog/how-cato-is-transforming-encrypted-traffic-security/.