As a global SASE provider, Cato Networks runs a globally distributed infrastructure across more than 85+ Points of Presence (PoPs), with core services deployed via K3s and AWS EKS clusters. Their AppSec team supports a fast-growing engineering org of 300+ developers.

“We relied on a traditional SCA tool for OSS security,” said Yuval Moravchick, Application Security Team Leader at Cato. “But it was noisy. Without proper exploitability insights, we were managing a high volume of alerts that didn’t matter.”

Cato’s application security team sits inside the larger CISO organization, working alongside SecOps and GRC. The AppSec group needed a way to stop wasting time on theoretical vulnerabilities and start focusing on what was real.

Moravchick saw Oligo’s potential and brought it in strategically.

“When I realized Oligo could scan memory to show if a vulnerable function was actually executed, it felt like a game changer,” he said. “It immediately helped us eliminate 70% of the findings we were chasing before.”

That insight was the catalyst. Cato stopped triaging OSS alerts from their old SCA tool and transitioned to Oligo for runtime-backed prioritization. The legacy tool now exists only as backup for client-side code.

Integrated and Automated: The Cato x Oligo Workflow

Instead of routing developers through yet another dashboard, Cato integrated Oligo directly into Jira. When Oligo flags an issue in an executed library, it automatically opens a Jira ticket and assigns it to the right team.

“We’ve customized the issue types and content, and even added automation to convert those issues into engineering tasks,” said Moravchick. “Our developers don’t even need to log into Oligo directly – they see only what matters, when it matters.” 

By eliminating manual triage, the team removed a major bottleneck. They now act faster, with clearer evidence, and without wasting cycles. Cato also combines Oligo’s insights with architectural context, such as service exposure and cluster criticality, to fine-tune prioritization even further. Vulnerabilities in their global cluster, for example, are addressed faster due to the elevated risk. 

From Compliance Wins to Zero-Day Readiness

Cato’s security program emphasizes both proactive risk reduction and regulatory compliance. Oligo supported the company in achieving PCI DSS certification by enabling the team to demonstrate that only executed libraries are patched and not vulnerable– a powerful answer to compliance requirements without creating development drag. 

In addition, Oligo’s Cloud Application Detection and Response (CADR) capabilities have added another layer to Cato’s ability to detect and respond to emerging threats. By continuously profiling application behavior, Oligo enables the security team to spot anomalies and act, even when no CVE has been assigned. In one case, the solution flagged a low-severity issue that turned out to be valid, reinforcing the value of runtime anomaly detection in real-world conditions.

A Partnership for the Long Haul

“Oligo stays. No question.”

That’s the sentiment from Cato’s leadership. In a security landscape cluttered with tools that overpromise and underdeliver, Oligo has been a valuable partner, both in its technical capabilities and its customer-first mindset.

“The support is outstanding,” Moravchick emphasized. “They respond quickly, take our feedback seriously, and have even built features based on our requests.”

The Results

• 70% fewer findings vs. traditional SCA
• No more manual triage: alerts turn into Jira tickets, automatically
• PCI DSS evidence built from runtime usage
• Better dev alignment: clear, trusted signal instead of noise
• CADR monitoring to flag anomalies, even without a known CVE

‍