A risk-based approach restricts access to specific resources and capabilities within applications.

SASE platform provider Cato Networks has introduced a new risk-based application access control for combatting security threats and productivity challenges posed by remote working and bring your own device (BYOD). The vendor said that with its new control, enterprise policies can consider real-time device context when restricting access to capabilities within corporate applications, as well as internet and cloud resources. The announcement comes amid calls from global governments for organizations to assess and improve their cybersecurity defenses in response to ongoing military and cyber tensions surrounding the Russia-Ukraine conflict.

New access control uses converged device context

In today’s threat landscape, user identity alone is not sufficient for zero-trust network access (ZTNA) or BYOD risk assessment, Cato stated in a press release. Identity spoofing and rogue personal devices pose significant security threats, and so an enforcement solution with contextual awareness to balance user productivity with risk mitigation is required, it added.

To address the challenge, Cato is embedding continuous device context assessment throughout its cloud-native software stack, the Cato Single Pass Cloud Engine (SPACE). This will continuously assess the posture of a user’s device, acting when the device falls out of compliance. Exposing context attributes makes them available across all current and future Cato capabilities to enable granular control over user application access, the firm explained.
Device context attributes include anti-malware type as well as the presence of a client-side firewall, full disk encryption, and patch levels, with information gathered by the OPSWAT OESIS framework as part of the Cato Client.

Device context restricts user access to specific resources and capabilities

Through device context, user access can be restricted to specific resources and capabilities, allowing IT teams to create access policies that balance users’ real-time risk posture with their need for resource access, Cato said. Use case examples include:

- When working from a personal device remotely, a user could be given permissions to upload to the collaboration platform but not download data, with no other resources available.
- When working from a corporate device, the same user could be given download permissions with read-only access to financial systems, ERP and CRM systems granted.
- When working from a corporate device with current anti-malware, a user could be given read and write access to the collaboration platform, financial systems, and file shares.
- Access to all resources may be blocked when users appear to be working from any device in an unusual geolocation, such as a warzone.

“We’re excited to be partnering with Cato Networks,” commented Hamid Karimi, vice president of technology alliances and OEM at OPSWAT. “By utilizing the OESIS Framework to access endpoint metadata, Cato’s converged, cloud-native SASE platform enables enterprise IT teams to establish granular policies that reduce the attack surface.”