Customers of Cato Networks’ SASE platform met security patch requirements set by American security regulator CISA. Cato Networks says it patched vulnerabilities identified by CISA well before the regulator’s deadline.

CISA, a US security regulator, recently compiled a list of 300 vulnerabilities in legacy network and security appliances. 113 of these vulnerabilities were deemed so critical that the regulator set a strict deadline (17 November) for the various manufacturers made responsible for patching them.

Despite the fact that many of these patches are routinely released by hardware and software vendors, companies often have to wait a long time for their availability. They also have to test the patches in their environments. Implementation generally takes a while. This is especially true for network infrastructure patches, leaving companies vulnerable for an extended period of time and putting some manufacturers at risk of not meeting the aforementioned CISA demands.

According to security specialist Cato Networks, its SASE platform always gets customers the latest patches immediately, without companies having to go through the entire update and verification process for their hardware infrastructure environments themselves. To illustrate, Cato Networks’ Managed IPS solution, part of the Cato SASE Cloud, immediately eliminated 35 vulnerabilities identified by CISA. Note that the vulnerabilities targeted hardware and software not originating from Cato Networks itself, but its customers, who were expected to meet CISA’s deadline.