Article Details

Scrape Timestamp (UTC): 2024-06-03 10:57:39.678

Source: https://thehackernews.com/2024/06/sase-threat-report-8-key-findings-for.html

Original Article Text

SASE Threat Report: 8 Key Findings for Enterprise Security

Threat actors are evolving, yet Cyber Threat Intelligence (CTI) remains confined to each isolated point solution. Organizations require a holistic analysis across external data, inbound and outbound threats and network activity. This will enable evaluating the true state of cybersecurity in the enterprise.

Cato's Cyber Threat Research Lab (Cato CTRL, see more details below) has recently released its first SASE threat report, offering a comprehensive view of and insights into enterprise and network threats. This is based on Cato's capabilities to analyze networks extensively and granularly (see report sources below).

About the Report

The SASE Threat Report covers threats from strategic, tactical and operational standpoints, utilizing the MITRE ATT&CK framework. It includes malicious and suspicious activities, as well as the applications, protocols and tools running on the networks.

The report is based on:

Cato's data was gathered from:

The depth and breadth of these resources provide Cato with a view into enterprise security activity like no other.

What is Cato CTRL?

Cato CTRL (Cyber Threats Research Lab) is the world's first unique combination of top human intelligence and comprehensive network and security insights, made possible by Cato's AI-enhanced, global SASE platform. Dozens of former military intelligence analysts, researchers, data scientists, academics, and industry-recognized security professionals analyze granular network and security insights. The result is a comprehensive, one-of-a-kind view of the latest cyber threats and threat actors.

Cato CTRL provides the SOC with tactical data, managers with operational threat intelligence, and the management and board with strategic briefings. This includes monitoring and reporting on security industry trends and events, which have also supported the analysis and creation of the SASE Threat Report.

Now let's dive into the report itself.

Top 8 Findings and Insights from the Cato CTRL SASE Threat Report

The comprehensive report offers a wealth of insights and information valuable for any security or IT professional. The top findings are:

1. Enterprises are widely embracing AI

Enterprises are adopting AI tools across the board. Unsurprisingly, the most common ones were Microsoft Copilot and OpenAI ChatGPT. They were also adopting Emol, an application for recording emotions and talking with AI robots.

2. Read the report to see what hackers are talking about

Hacker forums are a valuable source of intelligence information, but monitoring them is a challenge. Cato CTRL monitors such discussions, with some interesting findings:

3. Well-known brands are being spoofed

Brands like Booking, Amazon and eBay are being spoofed for fraud and other exploitation purposes. Buyers beware.

4. Enterprise networks allow lateral movement

In many enterprise networks, attackers can easily move across the network, since there are unsecured protocols across the WAN:

5. The real threat is not zero-day

Rather, it's unpatched systems and the latest vulnerabilities. Log4J (CVE-2021-44228), for example, is still one of the most used exploits.

6. Security exploitations differ across industries

Industries are being targeted differently. For example:

Practices differ as well. For example:

7. Context matters

Attackers' actions and methods might seem benign at first, but a different look shows they are actually malicious. It takes a contextual understanding of network patterns, combined with AI/ML algorithms, to monitor and detect suspicious activity.

8. 1% Adoption of DNSSEC

DNS is a critical component of enterprise operations, yet Secure DNS isn't being adopted. Why? The Cato CTRL team has some hypotheses.

To read more insights and dive deep into the existing threats, vulnerabilities, hacking communities, enterprise behavior, and more, read the entire report.

Daily Brief Summary

MISCELLANEOUS // Comprehensive Insights from Cato CTRL's First SASE Threat Report

Cato CTRL has launched its first SASE Threat Report, providing a detailed analysis of current enterprise and network threats.

The report utilizes the MITRE ATT&CK framework and covers a range of issues from malicious activities to the tools and protocols in use across networks.

Key points include widespread use of AI tools like Microsoft Copilot and OpenAI ChatGPT in enterprises, as well as challenges like spoofing of major brands.

The report reveals that unpatched systems and known vulnerabilities, rather than zero-days, pose significant ongoing threats.

Detailed analysis shows that attackers can easily exploit unsecured protocols to navigate laterally across enterprise networks.

Industries face varying security exploitations, highlighting the need for sector-specific defense strategies.

Despite the crucial role of DNS in enterprise operations, there is only a 1% adoption rate of DNSSEC, indicating a critical area of vulnerability.

Cato CTRL combines expertise from former military intelligence, security professionals, and data scientists to provide strategic, operational, and tactical intelligence to enterprises.