New Features & Enhancements
- Turnkey Integration with Microsoft Sentinel: Streamline operations by automatically forwarding Cato events to Microsoft Sentinel for unified monitoring and analysis. The built-in integration:
  - Reduces setup time and eliminates the need for custom scripts or connectors
  - Uses Cato events schema
  - Enhances visibility through centralized event management
- Detailed Visibility of Interconnected Apps: View detailed information about third-party apps and plugins connected to critical business apps. This visibility helps you understand which external apps are used in your environment and how they interact with core services. For example, you can review apps integrated with Slack to quickly assess their security posture.
  - Currently supported for Slack and Entra ID
  - CASB license required
- DLP Uses Machine Learning to Identify Images: Data Loss Prevention (DLP) can now inspect image files to detect sensitive data in images and prevent them from being exfiltrated.
  - Machine Learning (ML) is used to identify sensitive images based on models that dynamically learn and evolve with changing data patterns
  - The new Image ML Classifier provides comprehensive detection for images of personal documents, engineering diagrams, and collaboration (for example, images of a handwritten note with sensitive information)
  - DLP license required
- Granular RBAC for Policy Management: Delegate managing a set of rules as a subpolicy, and then assign admin permissions to access the subpolicies.
  - Maintains centralized control over the global policy and lets you delegate ownership of a subpolicy to specific teams
  - Supported for Internet Firewall and WAN Firewall policies
  - For example, delegate a subpolicy of traffic to sites in France to the French SOC team
- Access Point Integration for Enhanced Device Inventory Identification: To improve device visibility and accuracy, you can integrate third-party access point device data with Cato’s device discovery for the IoT/OT Security service. This integration leverages machine learning–driven capabilities to enhance device identification and classification across wireless networks.
  - Initial support includes Juniper Mist access points
  - Requires an IoT/OT Security license and configuration of the Juniper Mist connector
- Turnkey Integration with Splunk: Streamline operations by automatically forwarding Cato events to Splunk for unified monitoring and analysis. The built-in integration:
  - Reduces setup time and eliminates the need for custom scripts or connectors
  - Uses Cato events schema
  - Enhances visibility through centralized event management
- Improved Management of Best Practice Checks: Mute or dismiss a Best Practice check or specific findings within a check to increase the accuracy and relevance of your account score displayed on the Best Practices page.
  - Initially supported for the Internet Firewall; other policies will be supported in the coming weeks
- Browser Extension v1.5: During the week of February 1, 2026, Browser Extension version 1.5 will be available in the Chrome Web Store and includes improved performance fixes.
PoP Announcements
- Bangkok, TH: A new range (113.30.130.0/24) is now available for the Bangkok PoP location.
- New ranges will soon be added to these PoP locations:
  - Marseille, FR: 159.117.239.0/24
  - Chennai, IN: 113.30.132.0/24
Security Updates
Apps Catalog
View more details about apps in the Apps Catalog.
- New Apps: 20 new apps – BuzzSumo, Geekbot, Linear, NewReleases, OpenPoll, Peerbound, PollChamp, Polly, Pylon, Redash, Semgrep, Shufflet, Standuply, StatusGator, Stream, Tatsu, Timy, UserGems, Walnut, Workast
- Enhanced Apps:
  - Genesys
    - Updated app IPs
IPS Signatures
View more details about the IPS signatures and protections in the Threats Catalog.
- CVE-2024-29269 (New)
- CVE-2025-11700 (New)
- CVE-2025-4009 (New)
- CVE-2025-52691 (New)
- CVE-2025-54253 (Enhancement)
- CVE-2025-64446 (New)
- CVE-2025-68613 (New)
- CVE-2026-21859 (New)
- CVE-2026-24061 (New)
- XDR Indications of Attack
  - Anomaly Detection
    - Abnormal Data Upload to AI Application by User (New)
  - Threat Hunting
    - Suspicious Chrome Extension (New)
Application Control Via API and Data Protection API Integrations
These enhancements were made for Application Control Via API:
- GitHub
  - Anomaly Events (Enhancement)
- Dropbox
  - Anomaly Events (New)
- SentinelOne
  - EDR (Enhancement)
- CrowdStrike
  - EDR (Enhancement)
  - Devices (Enhancement)
Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.