Unified Device Visibility: Enhancements to Cato’s Device Inventory

Managing devices across a modern enterprise network requires visibility, context, and integration. Cato has introduced several enhancements to the Device Inventory, bringing together improved classification, more reporting capabilities, and richer device context via integrations. These updates give administrators a clearer, more centralized view of connected assets—whether user endpoints, servers, or IoT/OT devices.

What’s New — A Concise Summary

• New Source Indicator for Device Data — shows whether a device was classified by Cato directly or via an external integration.
• Export to CSV — complete Device Inventory export for reporting, auditing, and external tool use.
• Centralized Location — Device Inventory and Device Dashboard have been merged into a single page with two tabs.
• CrowdStrike EDR Integration — enriches inventory with endpoint insights from CrowdStrike for more accurate classification.
• Device Management Integration with Microsoft Intune — merges Intune device metadata with Cato’s discovery to produce unified device profiles.
• Device Management Integration with Zoom — brings in Zoom device metadata (such as OS version, managed status) to enrich device profiles.

Details of the Enhancements

Source Indicator for Device Data

A new field in the Device Inventory named Source now provides context on how each device was discovered or classified — either by Cato directly, or through an integration like CrowdStrike, Intune, or Zoom. This helps admins evaluate classification accuracy and understand provenance of device data.

Export to CSV

Admins can now export the full Device Inventory to CSV. The export includes device details, classification source, status, and other metadata. This makes it easier to integrate the data with external asset tracking systems or generate reports for audits and compliance.

Centralized Device View

The former Device Dashboard and Device Inventory are now combined into one unified page with two tabs. One tab shows discovery, classification, and device details; the other shows summary data, dashboards, or health‐related metrics. This reduces switching between pages, making device management more efficient.

CrowdStrike EDR Integration

CrowdStrike EDR device data can now be connected to the Device Inventory. When enabled, Cato pulls in metadata from CrowdStrike to enrich existing device entries or add devices discovered via CrowdStrike. This provides deeper visibility (for example, more accurate OS, managed/unmanaged status, and endpoint-level artifacts) and better device classification.

Microsoft Intune Device Management Integration

Integration with Microsoft Intune allows Cato to merge Intune metadata with device discovery. Intune's device metadata is merged with Cato’s native discovery under IoT/OT Security. The unified profiles appear on Device Inventory, giving admins a combined view of both managed and unmanaged devices, improving visibility and classification fidelity.

Prerequisites include certain Microsoft 365 / Intune licensing and setting up the appropriate API connectors.

Zoom Device Management Integration

Zoom device metadata (for example OS version or other Zoom client/device details) can now be merged into Cato’s Device Inventory. The Zoom integration allows Zoom device data to augment Cato’s discovery so that devices participating in Zoom are better classified and visible in the inventory. This helps in identifying managed devices, and understanding their status (client version, managed vs unmanaged, etc.).

Operational Benefits

These enhancements deliver real, practical advantages:

• More precise device classification and fewer blind spots in your asset inventory.
• Easier and faster reporting (exporting CSV) for compliance, audits, or external systems.
• Centralized view reduces navigation friction and administrative overhead.
• Richer device metadata via CrowdStrike, Intune, and Zoom helps in risk assessment, vulnerability management, or patching prioritization.
• Better visibility into mixed environments: IoT/OT, unmanaged endpoints, managed endpoints, etc.

Conclusion

The latest enhancements to the Device Inventory are a strong step toward a unified, enriched view of your network’s devices. With new source visibility, better export options, and integrations with CrowdStrike, Microsoft Intune, and Zoom, admins now get more accurate, richer information in a centralized location. For organizations seeking tighter control over their asset visibility—especially where IoT/OT and managed vs unmanaged devices mix—these features offer both clarity and efficiency.

Book a free consultation with our experts to see how unified device visibility can work in your environment. Book Now

FAQ

1. Which license is required for these Device Inventory enhancements?

All the new enhancements — including the Source field, CSV export, centralized tabs, and integrations with CrowdStrike, Microsoft Intune, and Zoom — require an IoT/OT Security license. Without this license, the Device Inventory remains limited to its basic functionality. If your organization is managing IoT/OT devices or aiming for unified device visibility, upgrading to this license is strongly recommended.
 

2. What does the ‘Source’ field indicate, and how should admins use it?

The Source field tells you whether a device’s data comes from:

• Cato Discovery (classified directly by Cato’s network intelligence), or
• External Integrations (CrowdStrike, Intune, Zoom).

Admins can use this to:

• Validate the origin and reliability of the device data.
• Prioritize integrations for specific use cases (e.g., Intune for managed devices, Zoom for client details).
• Troubleshoot inconsistencies when the same device appears under multiple sources.
   

3. Can I export device inventory data, and what are the best practices?

Yes, the Device Inventory can be exported to CSV. This feature is particularly useful for:

• Compliance audits: Provide auditors with a timestamped device list.
• Asset management integration: Import the CSV into ITSM or CMDB systems to align with existing asset records.
• Custom reporting: Create pivot tables or dashboards in Excel/BI tools for executive-level visibility.

Best practice: Schedule regular exports (e.g., monthly) and archive them to maintain a historical record of device changes over time.
 

4. How does the Intune integration improve Device Inventory, and what should admins check?

The Microsoft Intune integration merges device metadata from Intune with Cato’s own discovery. This means devices managed by Intune will appear in Device Inventory with enriched attributes like OS version, device compliance status, or managed/unmanaged state.

Admins should:

• Verify their Microsoft 365/Intune licensing and API permissions.
• Check for duplicate entries between Intune and Cato, using the Source field to differentiate.
• Use Intune data to confirm device compliance before granting access to sensitive apps or networks.
   

5. What benefit does the Zoom integration bring, and when is it most valuable?

The Zoom integration adds metadata from devices using Zoom, such as client version, OS details, and whether the device is considered managed or unmanaged.

This is most valuable for organizations with a remote or hybrid workforce, where Zoom is a core collaboration tool. By merging Zoom data, admins can:

• Spot outdated Zoom clients that may pose security risks.
• Identify unmanaged devices accessing collaboration services.
• Improve visibility into devices that don’t regularly appear in corporate inventory.
   

6. How does the CrowdStrike integration improve visibility, and what are the operational use cases?

The CrowdStrike EDR integration enriches Device Inventory with endpoint telemetry, adding process, file, and user context to devices discovered on the network.

Operational use cases include:

• Threat correlation: Cross-check endpoint activity flagged by CrowdStrike with Cato’s network telemetry for a full attack chain view.
• Device classification accuracy: Differentiate between IoT devices, unmanaged endpoints, and corporate devices more precisely.
• Forensic investigation: When investigating incidents, having both endpoint and network data in the same inventory accelerates root cause analysis.

Tip: Pair CrowdStrike enrichment with Response Policies in XOps for automated alerts on high-risk devices.

7. How should admins use the new centralized Device Inventory + Dashboard view?

The new two-tabbed interface eliminates switching between separate pages. Best practice is to:

• Use the Inventory tab for detailed device attributes, classification, and integrations.
• Use the Dashboard tab for high-level trends, anomalies, and monitoring of newly discovered devices.
• Train SOC or IT ops teams to pivot between the tabs during investigations for both detail and context.