New Features & Enhancements

• MDR Stories View in Cato Management Application: Customers of Cato’s MDR service now have full visibility for investigations into threats in the new Detection & Response screen. Threat stories contain a broad range of information that lets the customer:
  • Show live data about compromised sources and destinations
  • Track the progress of investigations
  • Analyze details of relevant traffic
  • Learn more about threats with third-party utilities
  • Coordinate better with the MDR team for effective remediation
• Improved Visibility for Domain Categorization: The Domain Lookup tab is a new feature for the Apps Catalog that lets you identify how a specific domain is categorized in Cato Cloud. For example, you can look up a website and see if it is included in the Gambling category that is blocked by the Internet Firewall.
• New Supported File Type for Anti-Malware: SVG files are included in Anti-Malware scans.
  The Anti-Malware service can now inspect SVG files for malicious and suspicious content.
• Cato Management Application Enhancements:
  • Get the Latest Events with a New Refresh Button: Starting on January 16, there will be a new Refresh button in the Events screen to quickly and easily refresh it. The events list and any new or changed events are updated.

Cato SDP Client Releases

• Windows Client v5.6: Soon we will start the gradual roll-out for the Windows Client version 5.6. Below is a preview of planned features and enhancements for this version. Read more about best practices for upgrading Clients.
• Improved Out-of-the-Box Security:
• Deploying Clients with Always-On Enabled: You can automatically enable Always-On for new Client installations, so that users will not have Internet access until after they are authenticated.
• Automatically Show Client when the Device Starts: To let an SDP user set up a new device and easily find the Client and then Connect to the network, you can now use a registry flag to define if the Client app automatically opens or not.
• Exclude Network Ranges from LAN Blocking: Use the Split Tunnel feature with LAN Blocking to define subnets that are excluded from the tunnel. For example, this lets a device connect to a LAN printer even though LAN Blocking is enabled.
• Enhanced Windows Client Upgrade Process: We added roll-back functionality to the Client, and if there’s an issue during the upgrade, the Client automatically rolls back to the previous version.
• The Client automatically upgrades to the next minor Client version when it is available
• Improvements to Client Self Service: When using Self Service to troubleshoot the Client, now includes data from the Cato Cloud in addition to the local device.
• macOS Client v5.3: Soon we will start the gradual roll-out for the macOS Client version 5.3. Below is a preview of planned features and enhancements for this version. Read more about best practices for upgrading Clients.
• Improved upgrade experience for SDP users, and they are no longer required authenticate to the macOS during the upgrade
• Admins no longer need to manually distribute the Cato certificate for TLS Inspection, the Client automatically installs it on the macOS device (similar to the Windows Client)
• Performance improvements for macOS devices with the native Apple CPU chips

Security Updates

• IPS Signatures:  
• Malware - Brute Ratel (New)
• Malware - Qakbot (Enhancement)
• CVE-2022-37149
• CVE-2022-2564
• Application Database: 
•  Added more than 200 new SaaS applications (you can view the SaaS apps in the Apps Catalog), including:
• Active Directory Global Catalog over LDAP
• Enhanced the following SaaS application:
• WeTransfer
• Updates to Application Control Policy:
• New granular actions for this app:
• Pastebin: Download
• Enhanced actions for these apps:
• WeTransfer: Upload
• GigaFile: Upload
• Yahoo Mail: Upload
• LinkedIn: Add Attachment