How Shlomo Kramer is Leading Cato Networks into the AI-Powered SASE Era

VentureBeat recently sat down (virtually) with Shlomo Kramer, co-founder and CEO of Cato Networks, to gain insights into his vision for the future of cybersecurity. His company is quickly trying to innovate in the areas of secure access service edge (SASE), AI, machine learning (ML) and its many potential use cases for defending Cato customers.

Core to Kramer’s vision of the future of cybersecurity is SASE, which converges security and networking on a single, cloud-native platform. Within SASE, Kramer believes the integration of AI and ML can provide real-time threat detection and mitigation, ensuring robust protection for enterprises. 

Kramer is considered one of the most prolific and successful entrepreneurs in cybersecurity, with more than 30 years of experience growing startups into global cybersecurity businesses. He’s considered one of the world’s leading cybersecurity serial entrepreneurs and a noted network security expert.

Kramer co-founded Cato Networks in 2015, guiding the company to become a global leader in the SASE market. Earlier this month, Cato was named a leader in the 2024 Gartner Magic Quadrant for Single-Vendor SASE. Additionally, Cato announced today that it surpassed $200 million in annual recurring revenue (ARR)—doubling its total ARR in under two years. Cato also surpassed 2,500 enterprise customers, with more than 1,000 new customers in the past two years. Cato’s enterprise customers include Carlsberg, Häfele, O-I Glass, Ryohin Keikaku, Sixt, Vitesco Technologies among others.

VentureBeat: What trends are you seeing in the adoption of SASE solutions among enterprises? 

Shlomo: Organizations are increasingly recognizing the need to make their businesses more agile, adaptable, resilient, and secure. By leveraging a SASE platform, they can achieve this flexibility and robustness, allowing them to rapidly execute on business growth initiatives.  

Additionally, we see that SASE is being prioritized by organizations worldwide as they seek to converge security and networking functions seamlessly. This prioritization reflects a broader shift towards comprehensive security frameworks that support and enhance digital transformation efforts, ensuring that organizations can operate efficiently and securely in an increasingly digital landscape. 

VB: Can you share some notable success stories or case studies that highlight the impact of Cato Networks’ solutions? 

Shlomo: I have so many. Last year, Häfele (a German manufacturer and supplier of furniture fittings and architectural hardware) asked Cato Networks to rebuild its global network and security infrastructure across 50 countries and 180 sites. This was after Häfele suffered a ransomware attack. Normally, companies would budget six months to a year for a deployment of this scale. Cato did it in less than a month. The Cato SASE Cloud Platform made the deployment so quick and easy that it even surprised Häfele.  

Also, last year, Carlsberg (one of the world’s leading brewers) selected Cato to connect and secure 200+ locations and 25,000+ remote users. With the Cato SASE Cloud Platform, Carlsberg transformed its global network and security infrastructure.  

VB: What upcoming innovations or developments can we expect from Cato Networks soon? 

Shlomo: When it comes to expanding the scope and scale of the Cato SASE Cloud Platform, we have been relentless in our execution and innovation. For example, earlier this year, we added extended detection and response (XDR) and endpoint protection platform (EPP) to the Cato SASE Cloud Platform. This functionality is typically found in point products within an enterprise. Now, they are simply features within our platform. A few months later, we added network incidents to our SASE-based XDR—tapping into AI to identify outages within customer networks and conduct rapid root cause analysis. 

Looking ahead, our vision is to “SASE-ify” all of security. This means extending the Cato SASE Cloud Platform into adjacent markets with the same architecture and business benefits. You can expect us to continue listening to our customers and responding to their needs by replacing the legacy point products they are currently using with new, converged features within the Cato SASE Cloud Platform. Our commitment to innovation ensures that we consistently deliver advanced, comprehensive solutions that enhance security and network performance for our customers. 

VB: Can you provide specific examples of how AI/ML has detected and deterred sophisticated cyber attacks? 

Shlomo: One of the best examples of how we use AI/ML to stop cyberattacks and improve our customers’ security posture occurred recently with the Polyfill supply chain attack. According to numerous reports, 100,000+ websites were impacted after a Chinese CDN company acquired the Polyfill.io domain and modified the JavaScript library to redirect users to malicious and scam sites. Cato customers, though, were instantly protected against the Polyfill supply chain attack.  

The attack relies on redirecting users to cybersquatted domains. This is a technique used for profiting from the brand strength of popular domain names to conduct malicious activities, such as www.googie-analytics.com (notice the “i” not “l” in ”google”). Cato blocks access to cybersquatted domains using our AI-based cybersquatting protection we introduced in 2021.  

VB: How do you ensure the ethical use of AI/ML in your cybersecurity solutions, particularly in terms of privacy and data protection? 

Shlomo: We use various techniques to do this. Data masking techniques filter out personally identifiable information (PII) fields whenever data is sent to our AI/ML models. For example, we would substitute a user’s name with a token. Looking at the AI model would only show the token, not the user’s actual name.  

VB: How do you anticipate the evolution of cyber threats over the next five years, and what proactive measures is Cato Networks taking to stay ahead? 

Shlomo: I’m already seeing the industrialization and personalization of attacks with the use of AI. Over the next five years, I see cyber threats evolving across three dimensions.  

First, at a tactical level, I see AI vs. AI where threat actors (knowing IT security vendors use AI tools) will try to evade detection by specifically targeting AI weaknesses. This is already being done with code injection in malware to evade static analysis. I expect threat actors to continue this trend, just as they did with sandbox evasion, EDR evasion and comparable techniques. 

Second, at an operational level, the greatest threat to organizations is their own security infrastructure complexity. Organizations that continue using point products rather than a platform, which creates gaps in their security posture, will be prime targets for threat actors.  

Finally, at the strategic level, geopolitical conflicts will continue to shape nation-state activities. Current conflicts (ex: Russia-Ukraine), as well as emerging conflicts and changes of political leadership in various countries, will contribute to these instabilities and must be closely watched.   

VB: How does customer feedback influence your product development and innovation strategies? 

Shlomo: We hear what problems customers have and we solve them the SASE way. Because we built a platform and not a portfolio of products, that enables us to innovate and implement enhancements much faster and more efficiently. Our customers benefit greatly from this approach.  

VB: How important are strategic partnerships for Cato Networks, and can you discuss any significant collaborations? 

Shlomo: We are a partner-first company. Partners play a critical role in answering customer demand for the Cato SASE Cloud Platform. Today, we are focused on partnering with aggregators, telcos, global service providers (GSPs), global systems integrators (GSIs), agents, distributors, managed service providers (MSPs) and managed security service providers (MSSPs).  

Notable partners include KDDI in Asia-Pacific, Orange Cyberdefense in Europe, and Windstream Enterprise in North America.  

VB: How do you envision the role of AI evolving within Cato Networks over the next decade, and what potential new applications are you most excited about? 

Shlomo: Cato uses AI extensively throughout the Cato SASE Cloud Platform as an integral part of making security and networking easier and more effective. But to be clear, I don’t think AI alone can solve the range of problems facing today’s IT teams. The right architecture is important both for gathering the data needed to drive AI engines but also to tackle other challenges like business agility, connecting all enterprise edges, and user experience as impacted by networking and security performance. 

With that said, good AI starts with good data, and Cato sits on the best security and networking data. We log petabytes of data every week and capture the metadata of every transaction from every user of every customer connecting through the Cato SASE Cloud Platform. We then enrich that data lake with hundreds of threat intelligence feeds. The result is an unparalleled resource for our customers, which provides them with powerful capabilities, including threat hunting, user behavior anomaly detection, and network degradation detection.  

Against that resource, we run AI/ML models across numerous projects, which are all aimed at helping our customers achieve a better security posture and more reliable network infrastructure. Examples include detecting phishing websites by favicon based on a Siamese neural network (SNN), cybersquatted domains with string edit distance metrics, and algorithmically generated domains with long short-term memory (LSTM).  

We will continue to expand the use of AI technology to make the Cato SASE Cloud Platform even smarter, more autonomous, and simpler to use in the future.