Claroty advances CPS security with Visibility Orchestration in xDome

Claroty has revealed new Visibility Orchestration capabilities in its Saas offering Claroty xDome, transforming visibility from a vague concept into a quantifiable measurement that proves the value of a strong CPS protection program.

Visibility Orchestration elevates organizations across the industrial, healthcare, commercial, and public sectors to a high-fidelity understanding of their CPS environments, enabling measurable, actionable improvements in data quality and security posture and safely orchestrated risk reduction.

The rising threat of visibility blind spots

The cyber risks posed by undiscovered, unmonitored assets are at an all-time high. Claroty’s Team82 recently verified more than 200 cyber attacks over a 12-month period in which attackers gained access to CPS environments by simply scanning for internet-exposed devices and abusing default credentials and insecure protocols to gain access to the assets. By accessing devices such as PLCs, HMIs, medical devices, or IoT devices, they gained a foothold in mission-critical systems that govern daily societal operations.

According to Gartner, “Organizations are becoming aware of their blind spots. Asset-intensive organizations increasingly realize that CPS environments are value creation centers. For instance, a manufacturing company makes money by producing goods. A utility company can only fulfill its mission if services are delivered. Once largely ‘out of sight, out of mind,’ boards and C-suite executives increasingly want to know how their CPS production and mission-critical environments are protected.”

Despite this growing awareness, organizations are still often unaware of their visibility shortcomings, believing that they have achieved visibility simply because they have established an asset inventory. However, that visibility is often inconsistent, incomplete, and difficult to operationalize, creating a persistent gap between visibility data and actionable security outcomes that can hinder a holistic CPS protection program from effectively safeguarding business results.

Turning data into actionable CPS security

“Attaining meaningful visibility is the foundation of building a CPS security posture, however organizations still struggle with translating it into impact that advances business goals,” said Gil Gur Arie, Chief Product Officer at Claroty. “With high-quality, AI-enriched data that’s turned into clear, prioritized actions that security and operations teams can confidently execute, Claroty xDome helps teams move beyond simple measurement to active orchestration. We provide a granular roadmap for how to fix their visibility gaps, ultimately saving them hundreds of hours in manual analysis.”

Claroty xDome’s Visibility Orchestration capabilities include:

• Automated visibility recommendations: An intelligent engine that analyzes the current “Visibility Score” of assets and generates prioritized tasks to fill data gaps.
• Multi-method enrichment: Claroty xDome orchestrates a variety of collection methods, including Claroty Edge, active queries, and EDR integrations, to enrich the profiles of identified CPS assets. This ensures every device in the inventory moves from basic awareness to high-fidelity visibility, providing the deep attributes required for accurate risk assessment and maintenance.
• CPS library asset profile enhancement: Claroty xDome’s AI-driven CPS Library takes fragmented data on assets and vendors and intelligently models, categorizes, and correlates it into a single, actionable source of truth, ensuring enhanced visibility and accuracy in tracking asset attributes.
• Centralized edge scan management: Enables users to configure, schedule, and monitor periodic Claroty Edge scans for multiple hosts across a site directly from xDome. Includes audit logging and version tracking.
• Flexible edge deployment: With Edge’s hardware-free flexibility, organizations can use the infrastructure they already have without needing to add additional hosts, hardware, or network configurations.
• In-app integration orchestration: Provides the ability to trigger and configure EDR, Cloud, and Simple Network Management Protocol (SNMP) integrations directly from the Visibility Recommendations page via an integrated modal to feed meaningful CPS context into existing security workflows.