This surge is evident not only in its adoption by organizations of all sizes but also in the increasing number of requests from third-party vendors eager to integrate SASE into their software solutions.
This is where Cato API comes into play, seamlessly delivering the Cato SASE Experience to third parties through a planned approach.
The convergence of security and networking information within a singular API not only reduces costs but also streamlines data retrieval.
It is this same blend of elegance, agility, and intelligence that characterizes the Cato SASE Experience.
In the past year, nearly a dozen technology vendors, including Arctic Wolf, Axonius, Google, Rapid7, Sekoia, and Sumo Logic, have unveiled Cato integrations.
Cato's channel partners, such as UK-based Wavenet, have independently executed internal integrations, reporting substantial improvements in return on investment.
Developers can make a single request to obtain information on a specific object, class of events, or timeframe, whether pertaining to any location, user, or cloud entity, or encompassing all objects within their Cato SASE Cloud account.
Cato's commitment to convergence is evident in the creation of a unified API, enabling access to events related to SD-WAN and networking, as well as security events from our SWG, CASB, DLP, RBI, ZTNA/SDP, IPS, NGAM, and FWaaS capabilities.
In contrast, approaches centered around individual products require developers to submit multiple requests for each product and every location.
Separate requests would be made for firewall events, IPS events, and connectivity events for each enterprise location.
Each product provides data in a varied format and structure, demanding additional investment to standardize them prior to processing.
Riddle heads up product integration for Wavenet, a UK-based MSP offering a converged managed SOC service based on Microsoft and Cato SASE Cloud.
He had a customer who switched from ingesting data from legacy firewalls to ingesting data from Cato.
For Cato customers, Wavenet found it sufficient to feed the SIEM with log data rather than the complete network telemetry data, ensuring precise event correlation.
Since Wavenet oversees both the Cato network and the SOC, its SOC team can directly leverage Cato's security tools for investigating and responding to alerts, rather than depending solely on EDR software or the SIEM. This integrated management of network and security not only enhances threat detection and response but also leads to cost savings.
Delivering security, networking, and access data via one interface has resulted in a variety of third-party integrations.
SIEMs rely on incorporating Cato data for comprehensive incident and event management, while detection and response mechanisms leverage Cato data to pinpoint threats.
Asset management systems utilize Cato data to monitor network assets effectively.
Sekoia.io XDR, for example, ingests and enriches Cato SASE Cloud logs and alerts to fuel its detection engines.
Another vendor, Sumo Logic, ingests Cato's security and audit events, making it easy for users to add mission-critical context about their SASE deployment to existing security analytics, automatically correlate Cato security alerts with other signals in Sumo Logic's Cloud SIEM, and simplify audit and compliance workflows.
This Cyber News was published on www.itsecurityguru.org. Publication date: Wed, 13 Dec 2023 12:43:05 +0000