Today: Claroty (continuous OT threat detection)
Company Description: Claroty bridges the industrial cybersecurity gap between information technology (IT) and operational technology (OT) environments. Organizations with highly automated production sites and factories that face significant security and financial risk especially need to bridge this gap. Claroty’s converged IT/OT solutions allow companies to leverage their existing IT security processes and technologies to improve the availability, safety and reliability of their OT assets and networks seamlessly and without requiring downtime or dedicated teams, resulting in more uptime and greater efficiency across business and production operations.
Backed and adopted by leading industrial automation vendors, Claroty is deployed on all seven continents globally. A privately held company based in New York City, Claroty has received $100 million in funding since being launched by the Team8 foundry in 2015.
Markets: Oil, Gas, Electric, Water and Wind Utilities; Chemical Manufacturing; Automotive Manufacturing; Mining; Pharma; Food and Beverage; Real Estate; Retail; Government; Data Centers and BMS; Agriculture
Products and Services
The Claroty Platform comprises Claroty’s Continuous Threat Detection (CTD), Secure Remote Access (SRA), and Enterprise Management Console (EMC) systems. It is a single, agentless solution that integrates with existing IT security infrastructure, providing the industry’s broadest range of OT security controls across four areas: visibility, threat detection, vulnerability management, and triage & mitigation.
- Continuous Threat Detection: CTD provides complete visibility for OT environments by extending IT controls to cover asset management, network segmentation, threat and anomaly detection as well as vulnerability management.
- Secure Remote Access: SRA complements CTD by helping globally distributed facilities to manage administrator and support staff access to OT environments with simple, OT-centric workflows and comprehensive monitoring and auditing.
- Enterprise Management Console: EMC is a management interface that offers a consolidated view of traffic, assets and activities that also provides SOC teams with enterprise visibility, actionable alerts and appropriate context to investigate and resolve threats in ICS systems.
Insight and Analysis
From a professional review in Gartner Peer Insights (2019):
Overall Comment: "We had implemented this for one of our clients. The requirements from the client was that they wanted to monitor their Internet Of Things (IoT) resources, a common security platform for all their clientele. The primary requirement for implementation of a thorough system of methods to assess the security concerns across all the hierarchy levels. CTD helped us achieve this for our client. It provided an extremely world-class level of security measures at a very granular level with increased visibility for the network assets and groups of networks."
What do you like most about the product or service? “Highly organized threat intelligence systems, default grouping of network assets, analytics features.”
What do you dislike most about the product or service? “Cost is very high.”
What one piece of advice would you give other prospective customers? “Explore all features of this software and implement only the necessary features.”
Pricing can be either CAPEX (perpetual) or OPEX (subscription) and is based on number of sites and number of assets.