Cato Networks joins OpenAI Daybreak program to enhance cyber defense

Cato Networks has joined OpenAI’s Daybreak Cyber Partner Program, a move that upgrades the Israeli cybersecurity firm’s existing relationship with the AI giant into something considerably more ambitious. The partnership, formalized on June 22, 2026, puts frontier AI models directly into the plumbing of enterprise cyber defense.

Cato had already been part of OpenAI’s Trusted Access for Cyber (TAC) program since May 1, 2026, but Daybreak represents a qualitative leap: integrating models like GPT-5.5 and security-specific tools from Codex into Cato’s Secure Access Service Edge (SASE) platform.

What Daybreak actually does

OpenAI launched the Daybreak program around May 2026 with a straightforward thesis. Cybersecurity defenders need to find threats faster, generate patches faster, and verify fixes faster. AI can help them do all three at a scale that human analysts alone simply cannot match.

The program transitions AI capabilities from internal testing environments into production workflows, emphasizing a prevention-first security architecture rather than a detect-and-respond one.

Cato isn’t alone in the program. Check Point joined on June 15, 2026, and other partners include Zscaler and Akamai.

The 45-minute benchmark

Cato has reported reducing its time-to-protect against newly disclosed vulnerabilities to just 45 minutes using its agentic security platform.

The integration of GPT-5.5 and Codex Security tools into Cato’s platform is designed to push that response time even lower. Vulnerability discovery, prioritization, and mitigation — the three steps that traditionally require different teams and different tools — get compressed into a more unified, AI-assisted workflow.

Cato CEO Shlomo Kramer has emphasized that integrating AI into security goes beyond simply having access to powerful models. The real challenge, in his framing, is weaving those capabilities into a coherent security architecture that operates on a prevention-first basis rather than a detect-and-respond one.

Why SASE is the natural home for this

Cato’s platform is built on the SASE model, which combines network connectivity and security functions into a single cloud-delivered service. Because SASE platforms already see and manage a huge volume of network traffic and security events in one place, adding AI models that can analyze and act on that data doesn’t require stitching together disparate systems. The data is already consolidated.

That consolidation is precisely what makes AI-powered vulnerability management practical rather than theoretical. A model like GPT-5.5 is only as useful as the data it can access and the actions it can trigger. In a unified SASE platform, much of that plumbing already exists.

What this means for investors

The Daybreak program’s partner list — Cato, Check Point, Zscaler, Akamai — represents a cross-section of the cybersecurity market that collectively touches a massive portion of enterprise network security.

The risk side of the equation deserves attention too. Deploying AI models in production security environments introduces new attack surfaces. If an adversary can manipulate or poison the AI’s inputs, automated defenses could become automated vulnerabilities. The prevention-first architecture that Cato and OpenAI are pursuing will need to account for adversarial AI techniques that specifically target the defender’s models.

With multiple major cybersecurity firms now inside the Daybreak program, differentiation will come down to execution rather than access. The 45-minute vulnerability response benchmark Cato has set gives the rest of the field a concrete target to chase.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.