Product Update - December 30, 2024

New Features & Enhancements

  • Customize App Risk Scores: The Cato Security Research team assigns a Risk Score for each app and service in the App Catalog to help you implement your organization’s security policy. You can now override the Cato-defined Risk Score and assign a score customized for your organization’s security requirements.
    • The custom Risk Scores are applied wherever app Risk Score is used in the CMA, including events, App Analytics and other dashboards, as well as for Application Control rules that use Risk Score in the rule criteria
    • Click here to watch a video recording of this feature
  • STIX Format Supported for Custom IoC Lists: You can add custom IoC lists to the threat intelligence for your Cato account by configuring Container objects. We added support for the STIX format for Container source files.
    • STIX format is also supported for API configuration
    • Previously, only TXT format was supported
  • Simpler Troubleshooting for EPP Agent: To improve the efficiency of troubleshooting issues with the Endpoint Protection (EPP) agent, you can now trigger new actions from the CMA as follows:
    • Upload Logs: The agent uploads logs directly to the Support team, and then you can copy the reference ID from the Monitoring > Protected Endpoints page and add it to a Support ticket
    • Reinstall Drivers: If the drivers were not installed correctly, the agent reinstalls the EPP drivers
    • Click here to watch a video recording of this feature
  • Internet and WAN Firewall Rule Hit Counter: The Internet and WAN firewall policies now include a hit counter to help you monitor the performance of each rule in the policy. Hit counts are based on events generated by the rules, and show:
    • The number of events generated by each rule in the policy
    • How often the rule is hit relative to other rules (ranked by percentile)
    • Click here to watch a video recording of this feature
  • New API Changelog Article: We published the Cato API Changelog article as a platform for notifications on recent and planned changes to the Cato GraphQL API schema, including new and updated APIs and upcoming, potentially breaking changes to the GraphQL schema.
    • We recommend that you click Follow to automatically receive email notifications for updates to this article about changes to the API
  • API Support for Cloud Interconnect Sites: We’ve added API support for Cloud Interconnect site creation, configuration, and monitoring to enhance your control over site deployments. These APIs can be used to simplify automation and monitoring of your Cloud Interconnect sites.
    Note: Currently, only physical (manual) connections are available using APIs, and not public cloud connections using a fabric provider (e.g. Equinix)
    • Mutation APIs:
      • addCloudInterconnectSite
      • RemoveCloudInterconnectPhysicalConnection
      • UpdateCloudInterconnectPhysicalConnection
      • AddCloudInterconnectPhysicalConnection
    • Query APIs:
      • CloudInterconnectConnectionConnectivity
  • Updated Thresholds for Network Stories in XDR: We updated the thresholds for creating BGP Session Disconnected stories. This reduces false positives, helping you focus on meaningful Network stories.

PoP Announcements

  • Chicago, United States: A new range (216.205.127.0/24) will soon be added to the Chicago PoP location.

 

Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.
