AI Agents Dramatically Reduce Time-to-Protect Against New CVEs

Cato Networks, a specialist in Secure Access Service Edge (Sase) technology, has reported significant improvements in vulnerability response times through the application of agentic artificial intelligence. In experimental deployments, Cato’s AI agents reduced ‘time-to-protect’—the period between when a new Common Vulnerabilities and Exposures (CVE) is disclosed and when it’s mitigated across an organization—from days or weeks to mere hours.

How Agentic AI Transforms Vulnerability Management

Traditional vulnerability management processes involve manual scanning, prioritization, patching, and verification. This can be time-consuming, especially for distributed enterprises with complex IT environments. Cato’s approach uses agentic AI to automate key steps in this workflow:

  1. Automated Discovery: AI agents continuously scan networks and endpoints to identify new vulnerabilities as soon as they are disclosed.
  2. Intelligent Prioritization: Rather than treating all CVEs equally, the system prioritizes based on factors like exploit availability, potential impact, and asset criticality.
  3. Automated Remediation: Agents can automatically apply patches or configuration changes where appropriate, while escalating more complex issues to security teams.
  4. Continuous Verification: The AI validates that mitigations were successful and remain effective over time.

Impact on Real-World Security Posture

The ability to rapidly address new vulnerabilities is critical in today’s threat landscape, where attackers often exploit zero-day flaws within hours of public disclosure. By shrinking the ‘time-to-protect’, Cato’s AI agents help organizations maintain a stronger security posture with less manual effort.

“We’re seeing that agentic AI can fundamentally transform how enterprises manage their vulnerability risk,” said Shlomo Marom, CEO of Cato Networks. “Rather than reacting to threats after they emerge, our customers are gaining the ability to proactively protect against them in near real-time.”

The company plans to integrate these capabilities more broadly across its Sase platform, offering enhanced security for organizations facing increasingly sophisticated cyberattacks.