Managed Threat Detection and Response
Cato Managed Detection and Response (MDR) is an advanced security service that offers continuous threat detection and guidance on how to respond to malicious events quickly and effectively. Cato MDR leverages AI and ML, combined with human threat verification, to hunt, investigate, alert, reduce risk of breach, and improve security posture.
Cato MDR is built into Cato’s SASE platform. This means Cato MDR monitors all site, VPN, and cloud environments connected to Cato SASE Cloud, enabling users to benefit instantly from the service without having to install additional HW/SW.
Key Benefits:
1. Immediate service activation, no additional HW/SW needed
2. Dwell time reduced from 200+ days to 1-2 days!
3. Real-time alerts for confirmed threats, no false positives
4. Network-level containment and guided remediation for effective response
5. Designated security experts alongside security assessments
Key Features:
Automated threat hunting
Machine learning algorithms look for anomalies across billions of flows in Cato’s data warehouse and correlate them with threat intelligence sources and complex heuristics.
Expert threat verification
Cato security researchers review flagged endpoints and assess the validity and severity of the risk, only alerting on actual threats.
Threat containment
Verified live threats can be contained automatically by blocking C&C domains and IP addresses, or disconnecting compromised machines or users from the network.
Guided remediation
The Cato SOC advises on the risk’s threat level and recommended remediation, and follows up until the threat is eliminated.