Forum Discussion

JM's avatar
JM
Meteor
26 days ago

Reporting the wrong category goes nowhere

As per https://support.catonetworks.com/hc/en-us/articles/4413280530449-Customizing-the-Warning-Block-Page:

"The Cato Security team regularly reviews reported wrong categories and validates that the content for the category is correct. When websites or applications belong to the wrong category, the Cato Security team updates the definition of the category."

Not so much.

I just went through the last two months of such reports (filter for "Sub-Type Is Misclassification" in the Events log) and found 31 such requests from our users - most were for perfectly legit sites that for some reason were categorized as "Porn". 

And they still are - every single one of them. If the Cato security team is indeed not reviewing these submissions as originally intended, it would be great if that was communicated so that we can remove that misleading reporting link and take care of the Brightcloud submissions ourselves.

 

2 Replies

  • Hi JM,

    Eran from the Cato Product Management team here — thank you for taking the time to share this feedback.

    As outlined in our knowledge base article, we have an established process for reviewing misclassification reports and taking corrective action when needed. I’ll investigate the specific behavior you’ve described and ensure it’s addressed appropriately.

    I also want to highlight that URL filtering is a core capability of our service, and we’re continuously working to enhance its accuracy and performance. As part of this effort, we’re currently developing a new AI-powered classification model that will soon be integrated into the platform.

    Lastly, I’ll reach out to your account team to suggest a follow-up session so we can discuss this topic further with you and your team.

  • We've been with Cato for 4 years.  From experience, the user misclassification report is dealt with eventually, but it does take a while.

    As such, we have a custom category that contains the domains/FQDNs in question which is present in a firewall rule above the rule that blocks them.  We have separate categories for Security related website categories i.e. Phishing or Malware, and what I term "HR" related categories e.g. gambling/porn.

    That's the quick fix way of doing it.  A few times a year we manually go through the custom category and run each domain through the Domain Lookup feature.  If the website has indeed been recategorised and would be allowed, we delete it from the custom category as it is no longer required.