Cato SSE 360 provides a security service edge offering that includes DLP (data loss prevention) features based on customizable rules. Credit: iStock Israel-based SASE (secure access service edge) provider Cato Networks has announced a security service edge (SSE) offering, Cato SSE 360, that includes Cato DLP, a capability for data loss protection across business applications that allows for customizable rules. Along with SSE 360, Cato is also offering a new expert certification for the SSE architecture. “Traditional SSE architectures are mostly proxy-based solutions which have limited visibility and control over WAN traffic as they only take into account the traffic from users to the internet,” says Boaz Avigad, director of product marketing at Cato Networks. “However, at some point they'll need to cover data centers, on-prem and cloud. Cato SSE 360 does that.” SSE is defined by Gartner as a collection of integrated, cloud-centric security capabilities that facilitate safe access to websites, SaaS and in-house applications. A typical SSE solution secures web access through secure web gateways, cloud access security brokers (CASBs), DLPs and zero trust network access (ZTNA). It is a subset of SASE that does not include certain features, such as integrated SD-WAN. DLP can be considered a watchdog program that protects data assets as they flow to and from enterprise applications. It scans and blocks users from sending critical files or sensitive information, such as credit card or customer details, in an insecure manner. The rules followed by legacy DLP to do this, according to Cato, are limited, inaccurately block legitimate activities, and allow illegitimate ones. Cato DLP uses machine learning Cato DLP attempts to solve this problem using a proprietary machine learning algorithm that identifies and allows for the customization of rules. For instance, rather than explicitly blocking defined activities for applications--such as “commit” on GitHub, or “send” with an email attachment in Outlook--Cato DLP allows for expressive rules to be created (such as “block uploads”), which are then implemented across all relevant applications for all related actions. “Datatypes scanned by DLP are sometimes inaccurate because we are doing a template match with regular expressions (REGEX),” explains Avigad. “The machine learning capability we have added monitors and understands the behavior of each data type to identify anomalies.” Cato SSE 360 offers path to full SASE Cato is also offering SSE 360 customers a migration path to a full suite of SASE cloud-native security capabilities--including firewall-as-a-service (FWaaS), advanced threat prevention, and managed threat detection and response (MDR)--by connecting websites, remote workers, and cloud resources to the Cato SASE cloud. Meanwhile, the new Cato certification is specifically designed for SSE. The focus will be on SWG, CASB and ZTNA, according to Avigad. “SSE expert certification will have five sessions dedicated to each separate component of the SSE solution and is due to be released in next two weeks,” says Avigad. It is intended for users particularly interested in the SSE segment of SASE and is open for pre-registration. Cato SSE 360 with Cato DLP is available now, having had early partial availability in April 2022 for a subset of customers. Related content feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO CSO and CISO C-Suite news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry news UK data regulator warns that data breaches put abuse victims’ lives at risk The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse. By Michael Hill Sep 28, 2023 3 mins Electronic Health Records Data Breach Government news EchoMark releases watermarking solution to secure private communications, detect insider threats Enterprise-grade software embeds AI-driven, forensic watermarking in emails and documents to pinpoint potential insider risks By Michael Hill Sep 28, 2023 4 mins Communications Security Threat and Vulnerability Management Security Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe