Cato Networks Launches GenAI Security Controls To Mitigate Shadow AI Risk
Cato Networks has introduced generative AI (GenAI) security controls for Cato CASB (Cloud Access Security Broker). Cato CASB, a native feature in the Cato SASE Cloud Platform, is now enhanced with new capabilities for GenAI applications including a shadow AI dashboard and policy engine. With the shadow AI dashboard, enterprises can detect, analyze, and gain insights into the use of GenAI. With the policy engine, enterprises can take control of user activities in GenAI applications. Combined, Cato is enabling security and IT teams to balance innovation with risk management.
GenAI has rapidly become a go-to tool for employees to enhance productivity and automate tasks. However, this surge in GenAI adoption has led to a growing shadow AI problem, where employees use GenAI applications without IT supervision. According to Gartner®, 'by 2027, more than 40% of AI-related data breaches will be caused by the improper use of generative AI (GenAI) across borders.'¹
The increasing trend of shadow AI exposes enterprises to security, compliance, and operational risks. Sensitive company data may be unknowingly shared with GenAI applications, regulatory requirements may be violated, and misinformation or biased outputs could impact business decisions.
With the new GenAI security controls for Cato CASB, security and IT teams can: Uncover shadow AI: Distinguish between sanctioned and unsanctioned use by identifying all GenAI applications and classifying them. Cato offers a catalog of 950+ GenAI applications. Control GenAI application access: Ensure responsible use of GenAI by defining and enforcing access policies at a granular level. Control which GenAI applications can be accessed and exactly what actions (upload, download, etc.) can be done within them. Protect sensitive data: Limit or prevent sensitive data from being uploaded to large language models (LLMs), avoiding data security and confidentiality violations in real time. Maintain governance and compliance: Enable adoption of GenAI usage with full visibility to all user activities, and in a manner that aligns with corporate policies and regulatory standards.
'Enterprises need smart ways to govern GenAI,' said Ofir Agasi, vice president of product management at Cato Networks. 'With our enhancements to Cato CASB, we are harnessing AI within the Cato SASE Cloud Platform to discover, classify, and secure how GenAI applications are used across the enterprise. We're giving security and IT teams the tools to manage risk and enable innovation responsibly.'
'Cato Networks gives us the confidence to embrace GenAI without the fear of exposing sensitive data or intellectual property,' said Shayne Green, head of security operations at CloudFactory. 'With Cato CASB's new GenAI security controls, we can adopt GenAI tools in a risk-controlled manner.'
The GenAI security controls for Cato CASB are generally available for customers globally. 0 0
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arabian Post
5 hours ago
- Arabian Post
Canonical Ends Bazaar Hosting on Launchpad
Canonical will cease all Bazaar code hosting on its Launchpad platform in two stages, culminating on 1 September 2025. The legacy version control system, once the backbone of many Ubuntu-related projects, will see its web interface retired soon, followed by full removal of backend functionality. Users of Bazaar, including developers relying on Ubuntu Engineering, must migrate to Git or other supported systems ahead of the deadline to preserve continuity. Bazaar, created by Martin Pool and sponsored by Canonical, never matched Git in popularity. With its last stable release in 2016, it gradually lost traction among open‑source communities. Today, Git has become the standard, hosting the vast majority of collaborative software development activity. Canonical itself acknowledged that maintaining Bazaar consumed significant development, operational, and infrastructure resources, resources now better allocated to modernising Ubuntu and Launchpad. Launchpad's rollback of Bazaar support will begin with the immediate shutdown of the Loggerhead web frontend, used for browsing Bazaar code repositories. Canonical cited declining legitimate traffic, with much of the web interface usage now coming from scrapers and automated bots. At this stage, developers will still be able to interact with repositories via command‑line tools, with pushes, pulls, and merges unaffected. The second phase, starting 1 September 2025, will eliminate the Bazaar backend entirely. After this date, Launchpad will no longer host Bazaar repositories, meaning developers cannot push, pull, merge, or browse code via Bazaar. Canonical has urged all users to migrate their code before this shutdown to avoid service disruption. ADVERTISEMENT Migration instructions have been made available on Ubuntu's Discourse platform and Launchpad's documentation site. The recommended method relies on native Bazaar‑to‑Git interop, using tools like 'brz push' that convert Bazaar revisions into Git history. Users have reported this process to be slower but more reliable than older export‑import methods. Not all Bazaar users are fluent with Git. In community discussions, one long‑time developer lamented that 'I love the simplicity of bazaar/launchpad… I really do not get git.' Another emphasised the invaluable contributions of Jezmer Vernooij, the maintainer of the Breezy fork, describing him as 'probably the most tangible act of generosity that can be made among strangers in the open source world'. Ubuntu and Launchpad gained prominence through Bazaar because it was once the only version control system supported for packaging and PPAs. Over time, Git's features, performance, branching model, and ecosystem—spanning GitHub, GitLab, and Bitbucket—made it the clear choice for modern development. Canonical highlighted its decision to deprecate Bazaar as part of its broader effort to modernise development workflows. By reallocating resources from maintaining outdated infrastructure like Bazaar, Canonical intends to better support Ubuntu's core development and implement improvements to Launchpad as a whole. Despite the shift, Bazaar will not disappear entirely from the world of open source. Users who wish to continue using Bazaar beyond Launchpad's support cutoff can host their repositories with services like GNU Savannah, which remains committed to Bazaar support. Breezy, the active fork of Bazaar, will also continue to receive maintenance, ensuring the version control system endures for those who prefer it. ADVERTISEMENT The discontinuation of Bazaar on Launchpad marks a significant moment in the history of Ubuntu's development tools. Once tightly integrated into canonical workflows for building DEBs, PPAs, snaps and Ubuntu itself, Bazaar's sundering from Launchpad symbolises the retreat of niche VCS in favour of universally supported tools. It speaks to broader shifts in software development culture, aligning Ubuntu with prevailing industry practices centred on Git. Canonical has emphasized that Ubuntu Engineering will receive migration support, and developers with unique needs are encouraged to reach out via Launchpad's feedback channels or Matrix. The company aims to collaborate closely to remove reliance on Bazaar-specific integrations used in Ubuntu's engineering systems. As the 1 September deadline approaches, developers must act swiftly to export their repositories. Migrating preserves their revision histories, branches, and tags, ensuring continued project development. Those who delay risk losing remote access to their code and may face complex manual recovery efforts after Bazaar support ends. Bazaar's sunset also underscores the dominance of Git in open‑source workflows. According to the 2024 Stack Overflow developer survey, approximately 98 per cent of developers use Git, everyone from hobbyists to large enterprises. Git's extensive ecosystem of CI/CD tools, integrations, and community support has entrenched it as the developer standard. Despite familiarity with Bazaar among legacy projects, the broader open‑source ecosystem has migrated towards Git. Organisations seeking to maintain compatibility with the wider community, attract contributors, and leverage automated development pipelines will find Git essential. Enterprises relying on Bazaar must reevaluate their infrastructure and workflows to align with this reality. Canonical's decision reflects both pragmatic resource allocation and alignment with community norms. By removing Bazaar support, it simplifies the development stack, reduces maintenance burden, and clarifies the path forward for Ubuntu's development ecosystem. While the transition brings uncertainty for long‑time Bazaar users, structured migration pathways and continued community support via Breezy and alternative hosts offer continuity. This move also signals potential future efforts by Canonical to deprecate other legacy services on Launchpad, focusing the platform on components with active developer and user bases. By streamlining services, Canonical may enhance Launchpad's relevance in contemporary software engineering workflows.
Economy ME
11 hours ago
- Economy ME
stc Group successfully supports over 1.6 million pilgrims with advanced digital solutions during 1446 Hajj season
During the 1446 Hajj season, stc Group supported over 1.6 million pilgrims with a robust digital ecosystem, ensuring seamless connectivity, secure communication and an exceptional spiritual experience. The group managed the holy season with outstanding readiness and reliability, elevating pilgrims' experience through advanced telecommunications infrastructure and dedicated onsite maintenance teams. stc utilized its integrated operations center to monitor all performance indicators in real time, while leveraging cutting-edge analysis and network operation technologies to make swift, precise decisions and ensure uninterrupted service, even during peak network traffic. stc posts record-breaking data and call volumes stc's network reached record-breaking data and call volumes on the day of Arafah and the first day of Eid, surpassing previous Hajj seasons. The deployment of an advanced technical system powered by generative AI and Cognitive SON enabled over 14,000 technical actions per hour, a 30 percent increase from last year. This system also improved upload speed by 20 percent and achieved a self-recovery rate of more than 95 percent during peak times. stc's 5G network also recorded its highest-ever utilization rate of 90 percent during Arafah, successfully meeting the unprecedented demand and ensuring a seamless customer experience. AI-based predictive analytics boost data traffic by over 30 percent The group also revealed that data usage peaked at Muzdalifah on the first day of Eid Al Adha, with a 64 percent increase in traffic, a 129 percent surge in 5G usage and a 25 percent improvement in user experience. In Mina, AI-based predictive analytics optimized load distribution, boosting data traffic by over 30 percent and enhancing 5G performance by 39 percent compared to last season. In response to the heightened demand throughout this season, stc also provided 436 fixed towers and 78 mobile towers to serve the Haram area and the holy sites, along with 259 5G sites, 83 upgraded 4G sites and 21 additional coverage sites. In addition, 998 Wi-Fi access points and 179 dedicated indoor data network sites ensured optimal coverage. Furthermore, stc dedicated 144 critical communications network sites to deliver immediate support to security and service sectors, backed by a robust team of on-ground maintenance professionals ensuring uninterrupted services in all conditions. The group also played a key role in supporting government and private entities serving pilgrims, demonstrating its commitment to fostering national collaboration during the Hajj season. In addition, stc Group contributed to the delivery of over 203 million text messages on the day of Arafah, providing pilgrims with multilingual guidance to perform rituals with ease. Read: stc group deploys AI-powered network to ensure seamless connectivity for Hajj pilgrims stc subsidiaries' solutions enhance Hajj experience stc subsidiaries also played a vital role in enhancing the Hajj experience. sirar by stc delivered cyber protection solutions to safeguard data and ensure the continuity of digital systems, while specialized by stc provided critical communication services via TETRA and LTE networks through its Miqat and Manasik solutions. Additionally, its Event Management Platform seamlessly connected operations rooms with field teams in real time, facilitating the safe and efficient movement of pilgrims. Meanwhile, solutions by stc contributed with advanced services such as SD-WAN, router management and high-performance Wi-Fi to ensure continuous connectivity. iot squared also introduced Smart Tents equipped with sensors to monitor temperature, humidity and smoke, enabling early emergency detection and faster response through command centers. The success of this year's Hajj underscores stc Group's commitment to serving pilgrims as a trusted digital partner. Operating behind the scenes, stc connected hearts and networks by delivering advanced telecommunications services that respected the sanctity of the occasion. stc group is proud to support the goals of Saudi Vision 2030 by driving digital transformation and enhancing the experience of pilgrims at Hajj.
Tahawul Tech
12 hours ago
- Tahawul Tech
Cisco committed to addressing cybersecurity skills gap through its networking academy
CNME Editor Mark Forker spoke to Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, to learn more about the findings of the Cisco 2025 Cybersecurity Readiness Index, what enterprises ultimately need to do in order to both embrace and secure AI into their organisations – and how the Cisco Networking Academy is wholly committed to addressing the talent vacuum that exists in the cybersecurity industry across the region. Cisco's Cybersecurity Readiness Index covers a broad geographic scope, which inevitably provides a very robust and wide-ranging overview on cybersecurity readiness from a global perspective. However, for the purpose of this interview, the focus was lasered on the findings that emerged in relation to the UAE. Fady Younes is one of the most respected cybersecurity practitioners across the Middle East, and as Cisco's Managing Director for all things associated with cybersecurity in the region, there is few better placed to comment on the findings. Fady began the conversation by highlighting the hype and momentum around AI, but conceded that it is difficult for a lot of enterprises to both adopt AI and secure at the same time. 'Look, we know there is a lot of hype in relation to AI, and especially here in our region. However, while AI brings the promise of new possibilities and boosts organisations' innovation and competitiveness, it also adds layers of complexity and risks to an already complicated security landscape. It's challenging for companies to embrace and secure AI, and both of those things are taking place at an exceptionally fast pace. There is quite clearly a disconnect between the general understanding of the threats posed by AI, and what it takes to secure the organisations against those threats, and this gap poses a critical risk,' said Younes. Younes highlighted the role Cisco is playing in terms of creating more awareness on the risks posed by AI, and at the same time is proactively investing significantly in education and upskilling. 'Cyber attackers are not standing still, in fact, on the contrary, they're actually, leveraging AI to automate and scale their operations, including phishing, deep fakes, but also other sophisticated attacks that are hard to both predict and prevent. Cisco's approach to bridging the awareness gap, is actually across multiple areas. The first one is about all upskilling and education. The Cisco Networking Academy is committed to training cybersecurity professionals, focusing on AI, cybersecurity, and data science. And those three topics were recently added to enhance and boost our curriculum in the networking academy, which has been which been around for a long time. Our program, is very active in the region, and it is ultimately designed to address the talent shortage and generally improve the understanding of AI related threats across the board,' said Younes. A term that has been talked about over the last few years, and has been exacerbated of late, is the topic of ethical AI and the need for responsible AI frameworks and regulations – and our conversation pivoted towards that talking point. 'The ethical use of AI is absolutely critical, and this is something that we emphasise greatly at Cisco, through the responsible AI framework, which we helped define. It is incumbent on us to ensure that AI technologies are deployed securely and transparently in order to build trust and to mitigate risks. Now as I mentioned earlier in the conversation, cyber criminals are leveraging AI in their attacks, so with them doing that, we as a leader on the defense side have to counter-attack that because the organisations cannot rely on human scale defense – and that's why Cisco has embedded AI in cybersecurity defense to assist, automate, and augment the capabilities of the SecOps team,' said Younes. 'While AI brings the promise of new possibilities and boosts organisations' innovation and competitiveness, it also adds layers of complexity and risks to an already complicated security landscape.' He added that Cisco has introduced AI assistance across its entire security portfolio – and highlighted the role played by its Cisco AI Defense product that was launched in January 2025. 'We are introducing AI assistants all across our product and solution stack, and we are empowering the SecOps team by providing them actionable insights through AI to automate their complex workflows, which reducing the time required for incident response. And this will ensure that even less experienced analysts, and we know the scarcity of those, can effectively manage all these AI-driven threats. Our latest innovation, the Cisco AI Defense, is actually purpose built for enterprises to develop, deploy, and secure the AI applications with confidence. It is an end-to-end solution that protects both the development and the use of AI applications, so that enterprise can advance their AI initiatives with confidence, because the last thing we want to do is slow down that AI adoption. However, at the same time, we cannot let them go with all the risks that are associated. In summary, we're safeguarding against the misuse of AI tools, data leakage, and increasingly sophisticated threats, which existing security solutions quite frankly, are clearly not equipped to handle,' said Younes. One of the most glaring findings from Cisco's Cybersecurity Readiness Index was the talent gap that exists, not only in the UAE, but worldwide. It isn't a problem that is going to be fixed overnight, but Younes conceded it is a major challenge. 'The talent gap in cybersecurity isn't something new, and it is a very real problem, and it's not something that is going to go away overnight. On the contrary, it is actually increasing, but it's not just an issue specific to the UAE, it's a global problem. To put the challenge into perspective, there are around 4 million cybersecurity professionals needed urgently to plug the talent gap, so that's gives you an indication on the scale of the problem at hand,' said Younes. 87% of those surveyed in the Cisco Cybersecurity Readiness Index identified the shortage of skilled cybersecurity professionals as a major headache for their organisation. Younes outlined that it wasn't just Cisco's customers feeling the pinch, and that their entire ecosystem of partners and system integrators are dealing with the same issue. Younes said that in the long-term their Networking Academy will continue to upskill and train millions of people, but in the short term they are focused on leveraging their technologies to support overstretched SecOps teams. 'In the long term the Cisco Networking Academy will train and upskills millions of cybersecurity professionals across the Middle East and Africa region, but more immediately, we're using technology to reduce the pressure on already stretched SecOps teams. As I referred to earlier, Cisco is embedding AI across our entire cyber security portfolio with AI systems, and the objective of that is to simplify the ops team and reducing their work cycles. Most recently at the RSA conference last month, we announced a new innovation around our Cisco XDR offering, which is the extended detection and response solution that is now leveraging Agentic AI, to handle many of the time-consuming repetitive tasks and that used to require deep expertise,' said Younes. Younes highlighted how their attack storyboard, a visual representation of a cyberattack within their Cisco XDR, or Cisco SecureX platforms was saving SecOps teams weeks in terms of generating reports. Features like, instant attack verification, automated forensics, and attack storyboard. 'The attack storyboard is very interesting because it demonstrates what exactly happened in chronological order after a cyberattack has occurred in a matter of seconds. They can generate a very detailed report that could have taken the SecOps team weeks to generate Yeah. Ultimately, this will help analysts regardless of their experience level to move quickly from alert to action with confidence, and that not only improves efficiency, but it makes security operations much more accessible. So, while we can continue to close the skills gaps through the networking academy, we can also help address the issue now through our XDR and SecureX platforms,' said Younes. 'The study measures security readiness against five key pillars that are critical for securing the modern organisations against evolving cyber threats.' The pendulum of the conversation swung back towards the Cisco Cybersecurity Readiness Index. A comprehensive survey, now in its 3rd year, consisting of 8,000 businesses across 30 global markets. As Younes explained the index accesses the deployment and maturity of cybersecurity solutions across these global markets. The survey is broken down into four categories of readiness, which are beginner, formative, progressive and mature. In terms of the UAE, 30% of organisations have reached a progressive or mature state. Younes believes that is a healthy figure, but stressed that those numbers are not likely to increase hugely, due to the volatile and dynamic nature of the cybersecurity industry. 'The study measures security readiness against the following key pillars that are critical for securing the modern organisations against evolving cyber threats. The five pillars are identity intelligence, machine trustworthiness, network resilience, cloud reinforcement, and AI fortification. Last year, if we compare the results, and I'm not talking just about the UAE only, but globally. If you compare the results in terms of maturity this year versus last year, then you will see that at the same time, they're investing ad they're consolidating. They're doing the right things, but at the same time, it's not progressing rapidly. You're not going to jump by 10%. Because whist organisations are investing in those new technologies, there are new threats popping up all the time. And this year, in particular, with AI coming into the picture it has made the picture even blurrier,' said Younes. Younes explained the newest pillar of the Index is the AI fortification layer. 'The AI fortification pillar wasn't there a few years ago, and that's now the fifth pillar. I'll go through each pillar quickly. The identity security framework prioritises identity visibility, adopts a zero trust architecture, and utilises password-less, or multifactor authentication bolstered by AI-driven detections. The second pillar is machine trustworthiness, but it's also promoting the concept of a zero-trust model. And this is where we need to have that model deployed, to diligently verify all users, but also devices. So, the posture of your device, not only your identity is critical, before granting access to networks, and serving as a critical mechanism for ensuring trusted access. The third one is network resilience, and organisations are actually recommended to urgently enhance their network resilience, advancing beyond partial security, implementations to adequately prepare for the challenges posed by the AI era,' said Younes. Younes stressed the importance of correlating what is happening across all your domains rather than adopting a siloed approach to cybersecurity. He concluded a brilliant conversation, by touching on the importance of unified cloud security. 'The fourth pillar is unified cloud security, and this is transitioning from the fragmented, to cohesive security strategies that are proactive and AI enhanced, allowing for more efficient management of security across cloud environment. So, this is all about giving the security teams more visibility and control, across the multi-cloud environment, wherever the workloads applications are. The objective has to be the production of a consistent policy across all workloads, regardless of where they reside, be it AWS, or Azure. Finally, the last one is the AI security strategy, and this is about developing a comprehensive security approach that focuses on and secures both the deployment of AI technologies and the underlying models, ensuring reliability and integrity,' said Younes.
