Claroty Platform: Enhanced continuous threat detection and secure remote access

Claroty has strengthened the Claroty Platform to deliver the industry’s broadest range of OT security controls in a single solution, thereby empowering enterprises to more easily and effectively reduce risks posed by increasing connectivity between OT and IT networks.

“Enterprises have been transformed through digitization initiatives, causing once-isolated OT networks to be interconnected with the rest of the enterprise. However, those OT networks remain invisible to security teams since they communicate on proprietary protocols and have very different characteristics than IT networks,” said Galina Antova, Co-founder of Claroty.

“The Claroty Platform extends core security controls to OT environments, thereby closing the 25-plus year gap between the security posture of IT and OT networks, and delivering comprehensive governance and risk reduction across the parts of enterprise networks that were previously invisible and unsecured.”

Enriched by newly enhanced Continuous Threat Detection (CTD) 4.1 and Secure Remote Access (SRA) 3.0 components, the platform addresses four areas integral to risk reduction: visibility, threat detection, vulnerability management, and triage & mitigation.

All of Claroty’s OT security controls deploy rapidly and integrate seamlessly with existing IT security infrastructure, eliminating the burden of complex deployments, steep learning curves, and unfamiliar tools—all of which have long been barriers for achieving stronger industrial cybersecurity. These controls also improve IT and OT practitioners’ ability to protect the availability, reliability, and safety of their industrial environments.

Visibility

Before the risk to an industrial environment can be reduced, it must be assessed. This requires full visibility into the environment’s OT network, which has historically been difficult to attain due to the prevalence of unfamiliar OT assets, architectures, and protocols.

The Claroty Platform tackles this challenge by leveraging unmatched protocol coverage, scanning, segmentation, and secure remote access capabilities to grant complete visibility across all three OT dimensions critical to risk reduction: assets, network sessions, and processes.

Claroty is the only vendor to provide this caliber of visibility. With CTD 4.1, users can see and customize their view of critical information with greater ease. SRA 3.0 not only enables secure OT remote access, but it also provides real-time monitoring and recordings of all remote sessions for painless auditing and risk assessments.

Threat detection

Swiftly detecting threats is essential to reducing risk. But aside from visibility, OT threat detection also requires distinguishing true threats from false positives. This can be challenging for reasons ranging from the incompatibility of traditional detection tools with OT networks to a deficit of OT threat intelligence, among others.

The Claroty Platform makes effective detection attainable by automatically weeding out false positives and alerting users in real-time to anomalies and known and zero-day threats.

Now with CTD 4.1, users can also access and act on the latest OT threat intelligence faster than ever before with automatic updates via the Claroty Cloud, as well as utilize a customizable dashboard to quickly identify the threats that matter most.

Vulnerability management

Effective vulnerability management is necessary for reducing risk in industrial environments. The prevalence of legacy systems means vulnerabilities are common, but so are false positives and negatives due to visibility and bandwidth limitations.

The Claroty Platform resolves these issues by automatically identifying and comparing each OT asset to an extensive database of vulnerabilities tracked by Claroty’s research team, as well as to the latest Common Vulnerabilities and Exposures (CVE) data from the National Vulnerability Database (NVD).

And with CTD 4.1, users can now pinpoint the riskiest vulnerabilities and attack vectors in their environments, receive mitigation recommendations and filter out any noise faster and more easily than ever before.

Triage and mitigation

Time can significantly impact risk. The longer it takes for an alert to be evaluated, a threat neutralized, or exposure mitigated, the greater the risk to OT availability, reliability, and safety—as well as the entire enterprise—is likely to be.

New features within CTD 4.1 and SRA 3.0 combine purpose-built automation with deep OT context to further streamline and accelerate triage & mitigation processes. The Claroty Platform’s unique root cause analysis feature, which groups all alerts related to the same event or series of events, produces a higher signal-to-noise ratio and lower alert fatigue.

As a result, users can more effectively and efficiently handle alerts and ultimately reduce risk without being overwhelmed by false positives or lengthy investigations.

“Being alerted to vulnerabilities in real-time is a must-have for our Manufacturing operations,” said Kevin Tierney, Vice President of Global Cybersecurity for General Motors.

“We need solutions that allow our organization to quickly identify which assets have potential vulnerabilities and prioritize the actions we need to take in order to reduce and eliminate potential risks.”

“Securing critical infrastructure and industrial networks has become more important than ever, with all the new, unexpected obstacles and challenges that CISOs must overcome,” said Grant Geyer, Chief Product Officer of Claroty.

“The Claroty Platform, strengthened even further by these latest updates, is a complete OT security solution perfectly positioned to mitigate the emerging risks to OT environments.”
