Cato Networks said it can protect customers against newly disclosed vulnerabilities within 45 minutes, reflecting what it described as a new approach to CVE mitigation.

The claim marks a sharp reduction from the days or weeks often associated with vulnerability response in security estates that rely on customer-managed appliances and patching cycles. Cato said it had previously reduced that process to hours through its software design and has now shortened it further by using AI-driven threat research with automated delivery across its cloud service.

Cybersecurity vendors and customers are under growing pressure to respond faster as the number of disclosed vulnerabilities rises. Cato cited data from the US National Institute of Standards and Technology showing CVE submissions rose 263% between 2020 and 2025, while filings in the first three months of 2026 were nearly one-third higher than in the same period a year earlier.

At the same time, many organisations still struggle to remediate vulnerabilities quickly. Cato pointed to Verizon’s 2025 Data Breach Investigations Report, which found that about 54% of edge device vulnerabilities were fully remediated during the year, with a median remediation time of 32 days.

How It Works

Cato said its process uses AI agents, with human supervision, to monitor disclosed vulnerabilities, triage information from multiple sources, extract indicators of compromise, reproduce exploits in a lab environment, develop threat signatures, test them for false positives, and deploy protections across the Cato Cloud.

Because the platform is cloud-based, customers do not have to patch or reconfigure distributed appliances before receiving the mitigation, according to the company. That removes a step that often slows response times in traditional security environments, where vendors must develop updates and customer teams must then test and install them across large estates.

Cato framed the announcement as an architectural argument as much as an operational one. It said rapid mitigation depends on combining network visibility, platform-wide context, and cloud-based enforcement in a single system rather than relying on separate products and local appliance upgrades.

That position goes to the centre of a wider cybersecurity debate over whether older infrastructure models can keep up with attack timelines that continue to shrink. Security teams have long measured performance by time-to-protect, but the industry is increasingly focused on time-to-exploit as attackers move more quickly from disclosure to active abuse.

Shlomo Kramer, Co-Founder and Chief Executive Officer of Cato Networks, said the change in attack speed exposes the limits of appliance-led security operations.

“Attackers move in minutes. Appliance-centric security still moves in patch cycles,” Kramer said.

“Cato closes the gap by turning new CVE intelligence into protections deployed globally across our cloud service, with zero customer effort. In the AI era, security architecture is no longer a matter of efficiency. It is a do-or-die security decision,” he said.

Industry Shift

Cato said the latest reduction in response time came from applying agentic AI to stages of the vulnerability protection lifecycle that it had already automated over several years. Those stages include monitoring CVEs, creating protections, validating them, and deploying updates across the company’s cloud infrastructure.

In Cato’s account, the latest step is less about replacing existing systems than compressing the time needed to complete each part of that cycle. The company said AI agents now help automate vulnerability analysis, exploit reproduction, protection generation, and validation, while humans remain in a supervisory role rather than carrying out each step manually.

That reflects a broader shift across parts of the security market, where vendors are trying to use AI not just for detection but also for operational response. The central promise is that machine-led workflows can reduce the lag between a newly published vulnerability and a live defensive control.

Elad Menahem, Senior Vice President of Research at Cato Networks, said the significance was not limited to a faster headline number.

“The breakthrough here is not just speed,” Menahem said.

“It’s that vulnerability response itself can now operate continuously and at machine scale,” he said.

Cato, known for its secure access service edge platform, said thousands of organisations use its network and security services across cloud, hybrid, and distributed environments. The latest announcement places that platform architecture at the centre of its pitch to customers facing a heavier flow of vulnerability disclosures and shorter windows to act.

By arguing that protection can be deployed globally in minutes without customer action, Cato is also making the case that mitigation speed is becoming a defining measure of security infrastructure rather than an added feature. It said AI-era security cannot depend on manual customer operations or appliance patch cycles.

The benchmark it has set will now test how quickly other security providers can demonstrate similar response times as vulnerability volumes continue to rise and exploit activity becomes harder to contain within traditional operational windows.

Energy regulator Ofgem announced on Wednesday, May 27 that there would be a 13 per cent increase of the energy price cap.

In a speech to Parliament on Tuesday, the Liberal Democrat politician urged the Government to provide targeted support to vulnerable, low-income households, which will be hit the hardest.

READ MORE: Woman, 28, ‘beat up’ boy, 14, outside BP petrol station

Mr Glover said: “The energy price cap increase is estimated to cost each household an extra £18 every month.

“That is the price of a regular essential food shop at a discount store

“Now I note the measures the minister says the Government is taking but in addition will the Government urgently bring a social tariff for vulnerable low income households?”

In response to Mr Glover, Martin McCluskey, the parliamentary under-secretary of state for energy security and net zero, said: “Obviously from the Government’s point of view we do not want anyone to be making the choice between heating and eating.

“That’s why across the Government, we are working on a data sprint to work out how we can use household income data to make sure we are targeting support at the right people.”

READ MORE: Group of ‘patriots’ to protest following murder of student Henry Nowak

Vulnerable households to be targeted as energy price cap increases (Image: PA)

The energy regulator revealed that this price cap would start on Wednesday, July 1 to Wednesday, September 30.

The price cap refers to the default tariff applied when a customer has not signed for a fixed-rate tariff.

It sets a maximum rate per unit and standing charge that can be billed to customers for their energy use. 

This increase is a result of higher wholesale gas prices, caused by the ongoing conflict in the Middle East.

However, prices remain well below the height of the energy crisis in 2022 when the government stepped in to cap bills at £2,500.  

Currently, 60 per cent of accounts aren’t fixed tariffs and will be affected by this price rise.

The current price cap for a typical household paying by direct debit for gas and electricity is £1,641.

Announcing the increase, Tim Jarvis, Ofgem CEO, said:  “Today’s price change reflects continued volatility in global energy markets.

“This means higher wholesale gas prices, driven by ongoing conflict in the Middle East, is impacting the price we pay for energy. 

“We understand many will be concerned about rising prices.

“While energy use typically falls over the summer months, there are still practical steps households can take to manage costs, including exploring fixed tariffs or changing their payment method.

“Smart meter customers can also take advantage of half price or cheap electricity at the weekends.”

SOFIAH NICHOLE SALIVIO

News Editor

Kefron has published research showing that most finance teams still rely on manual intervention in accounts payable, with only 15% of surveyed companies saying the process is fully automated.

The study highlights a gap between the demands on finance departments and the systems many still use to manage invoices, approvals and reporting. Based on a survey of 200 UK finance leaders and accounts payable managers, it found that 85% of finance teams depend on manual input at some stage of the accounts payable process.

That reliance appears to shape how finance leaders view growth. Eight in 10 chief financial officers surveyed said manual accounts payable makes it harder to scale finance operations efficiently, while 84% said artificial intelligence will free finance teams to focus on more strategic work.

Kefron, which sells accounts payable automation software, said the findings suggest manual processes built up over time are creating operational strain as invoice volumes rise and compliance demands increase. The research also linked pressure on accounts payable teams to changes in enterprise resource planning systems, which can add complexity in approval and reporting workflows.

Pressure points

The most common problem was delays in invoice approval workflows, cited by 35% of respondents. Rising invoice processing costs followed at 31%, while 28% pointed to excessive manual data entry.

A lack of real-time visibility into invoice status was named by 27% of respondents, and 26% said duplicate or erroneous payments were a key issue.

The report also highlighted broader concerns around month-end close and audit or compliance demands. Together, the findings suggest accounts payable remains a weak point for many organisations despite wider investment in finance technology.

Supplier relationships also featured in the responses. The research found that 90% of chief financial officers believe efficient accounts payable processes strengthen supplier relationships, while 77% of finance professionals said automation reduces compliance risk.

Executive view

Paul Kearns commented on the findings.

“The research shows that finance teams and CFOs do not have the real-time insights needed to run a business at full efficiency. More than half of finance professionals agree that they’re more likely to crack time travel than crack real-time AP control, demonstrating a real lack of confidence in automation procedures. As organisations grow, these manual and partially automated AP processes become a barrier to scalability, resilience and agility,” said Paul Kearns, Chief Executive Officer of Kefron.

The results add to a wider debate in finance over how quickly back-office processes are adapting to digital tools. While invoice capture has been automated in parts of many organisations, the data suggests end-to-end processing remains incomplete in most cases.

That matters because accounts payable affects areas beyond the finance function. Delayed approvals can slow supplier payments, poor visibility can weaken cashflow planning, and manual intervention can increase the risk of errors that later require correction or create audit issues.

Kefron said organisations are looking for systems that can support business expansion, adapt to changes in core finance software and provide stronger visibility over invoices and approvals. It argued that businesses are no longer focused only on digitising invoice capture, but on improving control and reporting across the process.

The survey covered heads of finance, chief financial officers, finance managers and accounts payable managers across sectors including manufacturing, retail, health, hospitality, construction, financial services, energy and telecommunications. It was conducted in the UK.

The findings suggest many finance teams are still working between older manual practices and newer automation tools, creating gaps in control and speed. For companies trying to manage growth, those gaps are being felt most clearly in approvals, cost, visibility and payment accuracy.