Cato Networks recently unveiled new generative AI capabilities in its Cloud Access Security Broker (CASB) that the secure access service edge (SASE) provider says will let enterprise IT organizations detect, analyze, and gain insights into the use of genAI applications.
Cato CASB is a native feature in the Cato SASE Cloud Platform that can track applications that employees access, where employees log in from, and in some cases, what they do when using those applications. Cato added to the CASB a shadow AI dashboard as well as a policy engine that the company says will help enterprise IT teams gain visibility into end-user activities with genAI applications and enforce rules related to genAI use.
“Cato Networks gives us the confidence to embrace genAI without the fear of exposing sensitive data or intellectual property,” Shayne Green, head of security operations at CloudFactory, said in a statement. “With Cato’s CASB new genAI security controls, we can adopt genAI tools in a risk-controlled manner.”
CASBs sit between an end user and a cloud service to enforce security policies, protect data, and ensure compliance. CASBs provide enterprise network and security teams with information on how end users are accessing and using cloud resources such as data, applications, and services. They provide visibility into cloud usage, control access to cloud applications, and offer threat protection to enterprise environments—and are often integrated into SASE platforms.
While genAI has become a popular tool for many end users, enterprise IT teams must be able to monitor its use and ensure the activity doesn’t pose a threat to the environment. According to Cato Networks, genAI adoption has led to a “shadow AI” problem. Similar to shadow IT, shadow AI is the use of AI tools by end users without the explicit knowledge or approval of the organization’s IT or security teams. Gartner predicts by 2027 that more than 40% of AI-related data breaches will be caused by “the improper use of genAI across borders.” With the added genAI security controls, Cato CASB enables enterprise IT and security teams to:
- Discover pockets of shadow AI by detecting and distinguishing between sanctioned and unsanctioned use by identifying all genAI applications and classifying them. (Cato tracks 950+ genAI applications.)
- Control access to genAI application by defining what actions can be done with genAI apps and enforcing those access policies at a granular level.
- Protect sensitive data by limiting or preventing sensitive data from being uploaded to large language models (LLM).
- Maintain governance and compliance by monitoring end-user activities with genAI and aligning with corporate policies and regulatory standards.
“Enterprises need smart ways to govern genAI,” Ofir Agasi, vice president of product management at Cato Networks, said in a statement. “With our enhancements to Cato CASB, we are harnessing AI within the Cato SASE Cloud Platform to discover, classify, and secure how genAI applications are used across the enterprise. We’re giving security and IT teams the tools to manage risk and enable innovation responsibly.”
Cato SASE Cloud Platform runs on a private global backbone of more than 90+ points of presence (PoP) connected via multiple SLA-backed network providers. The PoPs software continuously monitors the providers for latency, packet loss, and jitter to determine in real-time the best route for every packet. Cato applies optimization and acceleration to all traffic going through the backbone to enhance application performance and the user experience. To ensure all locations benefit, Cato optimizes traffic from all the edges and toward all destinations, on-premises and in the cloud.
The genAI security controls for Cato CASB are generally available for customers globally now.
Source:: Network World