Product Update - May 1st, 2023

New Features & Enhancements

  • IPS Engine Enhancements: We added new machine learning models and algorithms to provide real-time protection against malicious domains created for cybersquatting or by a domain generation algorithm (DGA). These threats can’t be effectively stopped using static threat feeds, due to constantly shifting tactics for creating the domains. To address this, Cato developed this unique capability for real-time detection of new malicious domains.

  • Enhanced Filtering Capabilities for Support Self-Service Portal: The Support Self-Service portal now supports adding multiple IPs to the destination filter.

  • ILMM Service Enhancement - Scheduled Maintenance for Sites and Links: ILMM customers can now define maintenance windows for sites and links, and let the ILMM service know about upcoming disruptions. This means that the ILMM service is paused for the sites or links during the duration of the maintenance window.

Security Updates

  • IPS Signatures: 

    • Ransomware Abyss (New)

    • Ransomware CrossLock (New)

    • Ransomware CryptNet (New)

    • Ransomware Dark Power (New)

    • Ransomware IndustrialSpy (New)

    • Ransomware Money Message (New)

    • Ransomware Nokoyawa (New)

    • Ransomware Rorschach (New)

    • Ransomware Trigona (New)

    • Malware Emotet (Enhancement)

    • CVE-2023-25194

    • CVE-2023-23752

    • CVE-2023-22960

    • CVE-2023-22952

    • CVE-2023-22374

    • CVE-2023-1112

    • CVE-2022-47986

    • CVE-2022-46164

    • CVE-2022-39952

    • CVE-2022-37155

    • CVE-2022-36537

    • CVE-2022-29774

    • CVE-2021-41403

    • CVE-2021-35250

    • CVE-2021-30497

    • CVE-2021-29156 

  • Suspicious Activity Monitoring:

    • Powershell response RCE (New)

    • Powershell download MZ file (New)

    • Python download PE file (New)

    • Ruby download binary (Enhancement)

  • Application Database:

    • Added more than 100 new SaaS applications (you can view the SaaS apps in the Apps Catalog)

    • Microsoft Azure enhanced with new Azure sub-services

    • Line (Enhancement)

    • Line Works (Enhancement)

    • LinkedIn (Enhancement)

    • Microsoft Azure (Enhancement)

    • Naver (Enhancement)

    • RADIUS Protocol Over TLS (Enhancement)

  • Application Control Policy (CASB):

    • Enhanced granular actions for these apps:

      • WhatsApp: Upload, Download

      • Dropbox: Upload, Download

  • Data Loss Prevention (DLP):

    • Enhanced granular actions for these apps:

      • Dropbox: Upload, Download

  • TLS Inspection:

    • Safari browser (Enhancement)

Was this article helpful?

0 out of 0 found this helpful

0 comments

Add your comment