Industrial cybersecurity provide Claroty has strengthened the Claroty Platform, providing a range of operational technology (OT) security controls in a single solution to enable enterprises to more easily and effectively reduce risks posed by increasing connectivity between OT and information technology (IT) networks.
“Enterprises have been transformed through digitization initiatives, causing once-isolated OT networks to be interconnected with the rest of the enterprise. However, those OT networks remain invisible to security teams since they communicate on proprietary protocols and have very different characteristics than IT networks,” said Claroty Co-founder Galina Antova. “The Claroty Platform extends core security controls to OT environments, thereby closing the 25-plus year gap between the security posture of IT and OT networks, and delivering comprehensive governance and risk reduction across the parts of enterprise networks that were previously invisible and unsecured.”
The strengthened platform addresses four areas integral to risk reduction: visibility, threat detection, vulnerability management, and triage & mitigation. All of Claroty’s OT security controls deploy rapidly and integrate seamlessly with existing IT security infrastructure, eliminating the burden of complex deployments, steep learning curves, and unfamiliar tools—all of which have long been barriers for achieving stronger industrial cybersecurity. These controls also improve IT and OT practitioners’ ability to protect the availability, reliability, and safety of their industrial environments.
Visibility: Before the risk to an industrial environment can be reduced, it must be assessed. This requires full visibility into the environment’s OT network, which has historically been difficult to attain due to the prevalence of unfamiliar OT assets, architectures, and protocols. The Claroty Platform tackles this challenge by leveraging unmatched protocol coverage, scanning, segmentation, and secure remote access capabilities to grant complete visibility across all three OT dimensions critical to risk reduction: assets, network sessions, and processes.
With CTD 4.1, users can see and customize their view of critical information with greater ease. SRA 3.0 not only enables secure OT remote access, but it also provides real-time monitoring and recordings of all remote sessions for painless auditing and risk assessments.
Threat Detection: Swiftly detecting threats is essential to reducing risk. But aside from visibility, OT threat detection also requires distinguishing true threats from false positives. This can be challenging for reasons ranging from the incompatibility of traditional detection tools with OT networks to a deficit of OT threat intelligence, among others.
The Claroty Platform makes effective detection attainable by automatically weeding out false positives and alerting users in real-time to anomalies and known and zero-day threats. Now with CTD 4.1, users can also access and act on the latest OT threat intelligence faster than ever before with automatic updates via the Claroty Cloud, as well as utilize a customizable dashboard to quickly identify the threats that matter most.
Vulnerability Management: Effective vulnerability management is necessary for reducing risk in industrial environments. The prevalence of legacy systems means vulnerabilities are common, but so are false positives and negatives due to visibility and bandwidth limitations.
The Claroty Platform resolves these issues by automatically identifying and comparing each OT asset to an extensive database of vulnerabilities tracked by Claroty’s research team as well as to the latest common vulnerabilities and exposures data from the national vulnerability database. And with CTD 4.1, users can now pinpoint the riskiest vulnerabilities and attack vectors in their environments, receive mitigation recommendations and filter out any noise faster and more easily than ever before.
Triage & Mitigation: Time can significantly impact risk. The longer it takes for an alert to be evaluated, a threat neutralized, or exposure mitigated, the greater the risk to OT availability, reliability, and safety—as well as the entire enterprise—is likely to be.
New features within CTD 4.1 and SRA 3.0 combine purpose-built automation with deep OT context to further streamline and accelerate triage & mitigation processes. The Claroty Platform’s unique root cause analysis feature, which groups all alerts related to the same event or series of events, produces a higher signal-to-noise ratio and lower alert fatigue. As a result, users can more effectively and efficiently handle alerts and ultimately reduce risk without being overwhelmed by false positives or lengthy investigations.
“Securing critical infrastructure and industrial networks has become more important than ever, with all the new, unexpected obstacles and challenges that CISOs must overcome,” said CPO Grant Geyer. “The Claroty Platform, strengthened even further by these latest updates, is a complete OT security solution perfectly positioned to mitigate the emerging risks to OT environments.”