The Claroty Blog

Claroty's Winter '18 Release Delivers Significant Enhancements and a New Security Posture Assessment Product

| Patrick McBride

2018 is starting off with a bang here at Claroty!

Following last month’s ICS Detection Challenge win, today we announced both a major update to our award-winning Continuous Threat Detection product and the introduction of a new Security Posture Assessment product. 

Adding to what we believe is the industry’s most complete ICS cybersecurity platform, this release incorporates several significant enhancements:

  • Continuous Monitoring for Vulnerabilities and Network Hygiene Issues – Leveraging the same CoreX engine capabilities as Security Posture Assessment, customers receive real-time updates about industrial assets with known vulnerabilities. The system provides fine-grained CVE matching – for example, down to the firmware version on controllers – so that customers don’t waste time on vulnerabilities that don’t apply to their specific environment. This new capability also includes ongoing detection of network configuration issues and other “network hygiene” weaknesses that can leave industrial networks exposed.
  • OT Attack Vector Analysis – A completely new ability to generate specific scenarios simulating possible attack vectors that have the potential of compromising critical OT assets. This empowers security teams with the visibility to proactively mitigate risk and prioritize activities along the paths of greatest potential impact to their processes.
  • Enhanced Threat and Vulnerability Intelligence – Claroty Research continues to expand its curated intelligence, adding to its knowledge base of indicators of compromise (IOCs) and ICS-specific vulnerabilities. This comprehensive threat and vulnerability feed enables improved detection, more precise threat identification, rapid situational awareness and up-to-date information about the latest weaknesses in industrial devices.

In addition, the new Security Posture Assessment product is ideal for both consulting and security teams who want to conduct a quick but comprehensive assessment of a plant or operational environment. This new software product ingests a network capture (PCAP) file and generates a comprehensive report detailing the industrial network, its assets, and deep insights including network configuration and other weaknesses.

These new capabilities are all part of the Claroty Platform­ and built on Claroty’s advanced CoreX engine. This fully integrated platform is unparalleled in its depth, coverage and scalability. It provides:

  • Real-time Threat Detection including advanced anomaly and signature-based detection for complete coverage of known and unknown threats and analysis tools for ICS threat hunting.
  • Continuous Vulnerability Monitoring enabling customers to uncover and remedy network configuration “hygiene” issues and identify assets with known vulnerabilities (CVEs).
  • Secure Remote Access with policy- and workflow-based access control and session monitoring.
  • Enterprise Scalability including a consolidated “single pane of glass” management console for multi-plant environments and integration with existing security systems (e.g., SIEM, log management, security analytics, etc.).
  • Cost-effective Deployments in remote, bandwidth- or compute-constrained environments, leveraging an advanced sensor-based architecture suitable for use cases such as electric transmission or oil/gas pipelines.

As I said, 2018 is starting with a bang and there is much more to come. We can’t give any details yet, but in the coming weeks, we will be announcing new partnerships and another industry award, and of course we are hard at work on the next product update. 

Stay informed by subscribing below to the blog and join us for the ride!

Subscribe to the Blog