Cato Networks has upgraded its SSE 360 architecture with a data loss prevention engine, which the company claims addresses the limitations of traditional DLP rules implementation for protecting data across all applications, ComputerWeekly
Legacy DLP, for example, may accidentally block legitimate activities or fail to prevent illegitimate activities through faulty rules, and does not guarantee protection from other threat vectors.
The DLP engine provides sensitive-files scanning across the network and also enables user-defined data scanning. It can identify more than 350 distinct data types and allows users to set pre-defined rules to either block, allow or send an alert for certain activities.
The upgrade comes after Cato's introduction of network-based ransomware
protection to its platform, which enables scanning of server message block protocol flows for file properties, user behaviors and other attributes. An algorithm trained against a data lake connected to the Cato SASE Cloud then searches for potentially malicious SMB traffic to and from the source device and blocks them.