Product Updates - April 20, 2026

New Features & Enhancements

  • Visualize Ask AI Answers in Charts: Faster troubleshooting and analysis in Ask AI with pie and line charts that make trends, anomalies, and distribution easier to understand.
    • Quickly spot trends and anomalies in network and security data
  • Enterprise Browser v1.0.4.38: The Enterprise Browser provides secure access to sensitive SaaS and private applications from unmanaged devices, without installing the Cato Client.
    • Dedicated, managed workspaces where corporate activity is isolated from personal browsing
    • Unified security policies such as Internet Firewall, CASB, and Data Protection are consistently enforced across all users
  • Detailed Visibility of Interconnected Apps - Support for Zendesk and Google Workspace: View detailed information about third-party apps and plugins connected to Zendesk or Google Workspace. This visibility helps you understand which external apps are used in your environment and how they interact with core services.
    • View the Plugins option in the Security > Applications page on the Inventory tab
    • Requires a CASB license
  • Traceroute-Based Path Analysis in Experience Monitoring: Gain hop-by-hop visibility into network paths with continuous traceroute data to quickly identify where latency or packet loss occurs between the Socket, PoP, and application.
    • Available in the Connection Details section of Site, Host, and Office User drill-down pages
    • Supported for Socket site traffic with Socket v25 and higher
    • Requires a DEM license
  • DEM Enhancements for Microsoft Teams Integrations: To better indicate end-user experience issues, MS Teams performance on the Experience Monitoring page is now displayed as a meetings timeline instead of a general application experience score. This enables more precise detection and troubleshooting of experience degradation.
    • Requires DEM license
  • Global Language Support for Predefined ML Classifiers in DLP: Predefined ML classifiers for DLP now support over one hundred languages. This improves the detection of sensitive content in multilingual documents. You can use these classifiers in DLP content profiles to identify sensitive document types such as medical records, tax forms, patent documents, resumes, and immigration forms.
     
  • Use Enterprise Browser or Browser Extension in Firewall Policies: We are starting to gradually roll out the ability to enforce more granular Internet and WAN firewall policies based on how users access applications, and use the Cato Enterprise Browser and Browser Extension as the Origin of the connection for a rule. This helps you apply different controls for access paths while improving segmentation for sensitive applications.
    • Available from April 30, 2026
       

  • Domain and FQDN Support for Client Split Tunnel Policy: Use Domain and FQDN in Split Tunnel policies to include or exclude destinations. This provides a more flexible way to route traffic for remote users, particularly for SaaS services and Applications using dynamic public IPs.

    • Requires DNS Relay running on the device

    • Available from April 30, 2026
  • Provide AI Security Analysis Feedback from the CMA: When reviewing prompts in the Cato Management Application (CMA) Session Explorer, you can give feedback for false positives and missed detections. This feedback helps improve the AI Security engine results.
    • Select the specific detectors you want to give feedback for each prompt, and add additional free-text feedback
    • Requires AI Security license
  • Bidirectional Webhooks Integration with ITSMs for Stories: Integrate XOps stories with external service management platforms using bidirectional webhooks. When an XOps story is created, a matching ticket is automatically created in the service management platform. Comments added to that ticket are synced to the CMA, making it easier to follow updates and collaborate from one place.
    • Built-in templates for ServiceNow and Zendesk
    • Requires XOps license
  • New Fields for appStats API: We enhanced the appStats API with new application experience metrics, enabling programmatic access to user, host, and application performance data. Previously, these metrics were only available in the Experience Monitoring pages.
    • For more information about the fields, see this article
    • Requires a DEM license
  • Gradual Rollout of Socket v25.0.22707: We are starting to gradually roll out Socket version 25.0.22707 to customers, including firmware for new features, enhancements, and bug fixes. No customer action is required.

PoP Announcements

  • New Delhi, IN: We added a new Cato PoP location in New Delhi on a limited availability basis.
    • For more information about limited availability PoPs, see this article
  • New Localized IP Range for Estonia: The following localized IP range for Estonia (serviced through the Helsinki PoP location) is now available:
    • EE: 159.117.235.32/27
  • New ranges will soon be added to these PoP locations:
    • Chicago, US: 199.27.51.0/24
    • Tokyo, JP: 113.30.134.0/24

 

Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.

Was this article helpful?

0 out of 0 found this helpful

0 comments