- February 14, 2018
February 14, 2018 – Claroty announced a Security Posture Assessment product and enhancements to its Continuous Threat Detection product. This release incorporates real-time vulnerability monitoring and network hygiene insights with attack vector analysis. The announcement was made in conjunction with ARC Industry Forum Orlando 2018 taking place this week.
From US-CERT to the UK’s National Cyber Security Centre warnings and from ransomware to recent attacks on industrial safety systems, the exposure and probing of industrial control systems (ICS) is getting more urgent and concerning each day. C-suites and board members are taking notice and CISOs are becoming accountable, but protecting the networks that underpin critical industrial systems requires a comprehensive approach.
These products are all part of the Claroty Platform and built on Claroty’s advanced CoreX engine. This fully integrated platform is designed to provide:
- Real-time Threat Detection including anomaly and signature-based detection for coverage of known and unknown threats, and analysis tools for ICS threat hunting.
- Continuous Vulnerability Monitoring enabling customers to uncover and remedy network configuration “hygiene” issues and identify assets with known vulnerabilities (CVEs).
- Secure Remote Access with policy- and workflow-based access control and session monitoring.
- Enterprise Scalability including a consolidated “single pane of glass” management console for multiplant environments and integration with existing security systems (e.g., SIEM, log management, security analytics, etc.).
- Deployments in remote, bandwidth- or compute-constrained environments, leveraging a sensor-based architecture suitable for use cases such as electric transmission or oil/gas pipelines.
The Security Posture Assessment product is designed for both consulting and security teams who want to conduct a comprehensive assessment of a plant or operational environment. This software product ingests a network capture (PCAP) file and generates a report detailing the industrial network, its assets, and deep insights including network configuration and other weaknesses.
The release of Claroty Continuous Threat Detection (Version 2.1) includes a enhancements including:
- Continuous Monitoring for Vulnerabilities and Network Hygiene Issues – Leveraging the same CoreX engine capabilities as Security Posture Assessment, customers receive real-time updates about industrial assets with known vulnerabilities. The system provides fine-grained CVE matching – for example, down to the firmware version on controllers. This capability also includes ongoing detection of network configuration issues and other “network hygiene” weaknesses that can leave industrial networks exposed.
- OT Attack Vector Analysis – An ability to generate specific scenarios simulating possible attack vectors that have the potential of compromising critical OT assets.
- Enhanced Threat and Vulnerability Intelligence – Claroty Research continues to expand its curated intelligence, adding to its knowledge base of indicators of compromise (IOCs) and ICSspecific vulnerabilities.
The release of this latest version of the Claroty Platform is generally available to all existing clients as of the time of this announcement.
Launched as the second startup from Team8 foundry, Claroty combines management and research teams and technical expertise from both IT and OT disciplines, with backing from investors such as Bessemer Venture Partners and Innovation Endeavors. With an understanding of ICS, SCADA and other essential OT/IIoT systems, the Claroty team is building a suite of integrated products addressing cybersecurity protection, detection and response requirements.