New device discovery and monitoring wares target large industrial environments
Industrial security specialist Claroty on Wednesday introduced enhancements to its flagship Continuous Threat Detection (CTD) offering that aim to improve the way enterprises discover and monitor Internet of Things (IoT) devices in industrial settings.
The Lowdown: The updated CTD version 3.5 extends Claroty’s deep packet inspection technology across both IoT and operational technology (OT) devices. The solution automatically discovers IoT devices on the network and classifies each based on static and behavioral attributes. It then identifies known vulnerabilities and other risks associated with those assets and continuously monitors the environment for threats and policy violations.
The Details: Other enhancements in CTD 3.5 include:
Machine learning alert algorithm – Optimizes signal-to-noise ratio by correlating all events on the network with online patterns and communication behaviors, prioritizing alerts worthy of investigation.
Root cause analytics – Contextual data and visualization tools illustrate the chain of events that triggered an alarm to help improve the speed, efficiency, and accuracy of incident response and threat hunting.
Claroty Threat Intelligence – Curated, multi-source feeds to enrich CTD’s analytics with proprietary research of zero-day vulnerabilities and IoT- and OT-specific indicators of compromises linked to threat actors’ tactics, techniques, and procedures.
Virtual Zones+ – Automatically groups network assets with similar behaviors and attributes. Once grouped, CTD identifies relationships between logical groups and auto-generates granular communication policies. The policies assign permission levels to each zone, along with a specific level of trust.
Expanded technical ecosystem – CTD now integrates with the Aruba ClearPass network access control platform and Fortinet’s Fortigate next-generation firewalls (NGFWs).
The Impact: The company also announced it has joined the Industrial Internet Consortium, an advocacy group that promotes the adoption of the Industrial Internet of Things (IIoT) technologies. As a consortium member, Claroty said it will assist the organization’s effort to drive a common security framework and a rigorous methodology to assess security in IIOT environments.
Background: Founded in 2014 and remaining in stealth mode in late 2016, Claroty last year won $60 million in Series B funding. Investors include Rockwell Automation, Schneider Electric, and Siemens.
The Buzz: “Claroty’s natural expansion into the IoT space enables us to empower customers with an unparalleled breadth and depth of visibility across their networked OT and IoT environments,” said Amir Zilberstein, CEO of Claroty. “Leveraging our comprehensive IoT-OT platform, customers can now embrace digital transformation initiatives with a higher level of confidence than ever before.”
“With the number of connected IoT devices in a manufacturing facility, cybersecurity has become as important to industrial companies as worker safety and productivity,” said Richard Soley, executive director of the Industrial Internet Consortium. “We look forward to the contributions Claroty will make in cybersecurity as a member of the (consortium) as we work together to establish a secure IIoT.”