The Claroty Platform

Trusted by the U.S. government and the world’s largest enterprises across all industries, Claroty helps customers reveal, protect, and manage their OT, IoT, and IIoT assets. The company’s comprehensive platform connects seamlessly with customers’ existing infrastructure and programs while providing a full range of industrial cybersecurity controls for visibility, threat detection, risk, and vulnerability management, and secure remote access—all with a significantly reduced total cost of ownership. Claroty’s mission is to secure the technology that sustains our lives, providing unmatched visibility, protection & threat detection across all cyber-physical systems in Industrial, Healthcare, and Commercial environments.

Claroty’s platform arms you with this knowledge by revealing and contextualizing 100% of your network’s content, including its invisible or poorly understood content. The result is a centralized, easy-to-manage, and always up-to-date inventory of all OT, IoT, and IIoT assets, processes, and connectivity paths in your network, as well as definitive insight into what normal looks like. After revealing what’s in your network, Claroty’s platform enables you to tackle its inherent risk factors, from critical vulnerabilities and misconfigurations to poor security hygiene among personnel, to unreliable, unmonitored, and inefficient remote access mechanisms that hinder your remote workforce’s ability to repair assets and maintain uptime and resiliency.

Effective industrial cybersecurity starts with knowing what needs to be secured. Powered by xDome, Edge, Continuous Threat Detection (CTD) and Secure Remote Access (SRA) solutions, Claroty’s platform provides a full range of industrial cybersecurity controls that integrate seamlessly with your existing infrastructure, scale effortlessly, and have the industry’s lowest total cost of ownership (TCO).

Claroty xDome

As the only SaaS cybersecurity solution to offer multiple asset discovery methods, xDome delivers a comprehensive XIoT asset inventory foundation that empowers you to gain visibility your way based on what’s best for your unique environment. These methods, which include passive discovery, patent-pending Edge collector, and various third-party integrations can be combined or used individually based on your needs.

After discovering, enriching, and inventorying all XIoT assets across your entire industrial environment, xDome streamlines asset management. Specifically, the solution equips you to harness in-depth asset insights and an enriched CMDB to monitor for maintenance issues and necessary updates, enable SLA compliance, support audit requests, and drive workflow and supply chain efficiencies.

xDome automatically correlates every XIoT asset with the latest vulnerability and identifies weaknesses, which then gives custom risk scoring and optimizes your prioritization efforts. The solution also integrates with orchestration tools to help you safely uncover IT risk blindspots in your industrial environment.

Backed by our deep domain expertise, xDome leverages the visibility it provides into XIoT assets and communication flows to automatically define and recommend network policies. The solution then makes it easy for you to monitor, refine, and automatically enforce these policies with your existing firewalls, switches, or NAC solutions to start or enhance segmentation projects and implement a Zero Trust security architecture to better protect your environment.

Recognizing the rising frequency and impact of threats targeting industrial environments, xDome embraces a resilient detection model to continuously monitor your environment for the earliest indicators of both known and emerging threats. All alerts are contextualized to optimize response and remediation before a threat can impact operations. xDome also integrates with SIEM, SOAR, EDR, and various other SOC technologies.

Claroty Edge

Claroty Edge enables you to gain complete, near-instant visibility into all managed and unmanaged XIoT assets within your operational environment, creating a strong foundation for effective industrial cybersecurity and the ability to support a broad range of related capabilities such as risk management, audit, and compliance reporting, M&A due diligence, and incident response.

Vulnerability and risk management features easily identify and manage the vulnerabilities–such as missing patches, asset end-of-life indicators, and CVEs–affecting your managed and unmanaged assets. All vulnerabilities are automatically evaluated and scored based on the risks they pose to your network, enabling more efficient and effective remediation efforts.

With audit, compliance, and due diligence you can easily, quickly, and effectively support audit requests and report compliance for your industrial network, resulting in greater confidence in your reporting, a reduced risk of failed audits, and stronger compliance and overall security posture.

Immediately arm responders with a full inventory and risk and vulnerability assessment of the compromised environment, thereby optimizing incident response efforts including impact assessments, scoping, and forensics for industrial networks.

• Provides nearly instantaneous visibility into all OT, IoT, and IT assets in an industrial environment

• Enhances the speed, ease, and effectiveness with which risks & vulnerabilities can be identified and managed

• No hardware, network changes, configuration, or any physical footprint required

• Suitable for any network, regardless of geographical spread or architecture

• Helps optimize incident response efforts including impact assessments, scoping, and post-incident forensics

• Excels in providing detailed information, instantly, for audit & compliance or M&A due diligence purposes.

Claroty Secure Remote Access (SRA)

No jump servers here. Whether an internal engineer or third-party vendor, SRA enables all approved users to gain access quickly and painlessly through an intuitive interface that mimics their on-premise workstation. SRA also offers highly secure, controlled, safe access no matter where users, facilities, or assets are located.

With SRA, IT teams can delegate administration of remote access to plant staff without worrying about compromising security or infrastructure. Since SRA uses a simple, static firewall configuration and secure application tunnel, it eliminates the need for ongoing network changes. New users can be provisioned by leveraging their existing identity provider in accordance with organizational security policies.

Defining and enforcing granular access controls for industrial assets at multiple levels and geographic locations are essential for minimizing the risks to operations posed by internal and third-party remote users. SRA not only delivers these capabilities, but it also supports a Zero Trust security architecture and champions the least privilege principle.

Traditional IT remote access tools only offer limited monitoring and auditing capabilities for remote user activity. SRA overs full visibility into user activity, giving the insights needed for optimal management. Administrators have the option to monitor active SRA sessions in real time for troubleshooting, user supervision, and emergency termination if necessary. In addition, SRA automatically records every session to support response actions, investigations, and training.

SRA integrates Claroty Continuous Threat Detection (CTD) to enable you to detect, investigate, and respond to cybersecurity incidents as they happen. CTD triggers an alert if a user engages in unauthorized activity, such as trying to service assets outside predetermined maintenance windows. From the alert, an administrator can go directly into the SRA session and monitor or disconnect.

• Secures, controls, & streamlines industrial network remote access

• Minimizes risk introduced by remote & third-party users

• Enforces IT/OT security best practices in accordance with Zero Trust & Least Privilege principles

• Provides over-the-shoulder monitoring of all OT remote sessions for unauthorized changes, live troubleshooting, & emergency

  disconnections

• Enables ongoing auditing for maintenance, compliance, & forensic purposes

• Offers highly available, flexible configuration options, as well as directory services and antivirus solution integrations

Claroty Continuous Threat Detection (CTD)

Effective industrial cybersecurity starts with knowing what needs to be secured. CTD leverages the broadest and deepest industrial protocol coverage in the industry and unmatched Passive, Active, and AppDB discovery capabilities to provide comprehensive industrial visibility via a highly detailed, centralized inventory of all XIoT assets. Claroty is the only vendor that offers this caliber of visibility across the three dimensions integral to effective risk assessment and reduction: asset, session, and processes visibility.

The extensive visibility CTD provides enables it to automatically map and virtually segment industrial networks into Virtual Zones, or logical groups of assets that communicate with one another under normal circumstances. These Virtual Zones enable further features such as empowering CTD’s threat detection capabilities with cross-zone communication violation alerts and integrations with existing firewall and NAC solutions to enforce policy-based segmentation.

CTD automatically compares each asset in your industrial environment to an extensive database of unsecure protocols, known configurations, substandard security practices, and other vulnerabilities tracked by Claroty, as well as to the latest CVE data from the National Vulnerability Database. As a result, users can more effectively identify, prioritize, and remediate vulnerabilities in industrial networks.

CTD utilizes five detection engines to automatically profile all assets, communications, and processes in your industrial environment, generate a behavioral baseline that characterizes legitimate traffic to weed out false positives, and alert you in real-time to known and emerging threats. This results in highly contextualized alert timelines to help you more effectively prioritize threat remediation while reducing alert fatigue.

• Rapidly discovers and manages all assets to deliver full industrial network visibility

• Detects known & zero-day threats and behavioral and operational anomalies in real-time

• Automatically enriches alerts with root-cause analysis, risk information, & reputational context

• Correlates OT remote-user activity with anomalous events & malicious indicators

• Continually monitors for full match vulnerabilities and provides AI-driven network zoning & segmentation

• Can be deployed on-premises or via CTD. Live, a SaaS-based option that supports enterprise-wide industrial cybersecurity data management

Check Out Some Of These Industry Case Studies!