With CrowdStrike, Claroty has a valuable partner that shares a common mission to secure industrial environments, provides one of the best solutions available, and has shown a willingness to innovate that has yielded remarkable results.
In celebration of this partnership, CrowdStrike and Claroty have come together to recommend 6 Best Practices for Securing Industrial Environments. These six steps can be considered a recommendation for organizations deploying both an Endpoint Detection and Response (EDR) solution, such as CrowdStrike Falcon, and a broader network security solution, such as Claroty Continuous Threat Detection (CTD).
This blog series will seek to take a deeper look at each recommended practice, the reasoning behind its necessity, and the manner in which the CrowdStrike-Claroty joint solution addresses each one. The previous best practices in this series are “Secure the Known,” “Discover the Unknown & Build Comprehensive Visibility,” and “Build a Vulnerability Plan.”
By this point in your cybersecurity journey, your enterprise should have already deployed CrowdStrike Falcon — or another endpoint security solution — and utilized the unique benefits of Claroty’s visibility and security solutions to discover your network components that cannot be managed by Falcon. Having this managed and unmanaged device inventory and monitoring coverage will have enabled your organization to develop a vulnerability plan with clear, actionable next steps to address the most critical and vulnerable gaps in security. Now, it is time to secure the previously unknown and unmanaged assets in your environments.
It is likely that there will be some devices and systems discovered that can host an agent, enabling CrowdStrike Falcon to effectively monitor and secure such manageable assets. For everything else — those assets that fall into the gaps between agent-based security, such as programmable logic controllers (PLCs), older human-machine interfaces (HMIs), or other aspects considered part of the Extended Internet of Things (XIoT) — it is necessary to turn to broader network protection solutions like Claroty Continuous Threat Detection (CTD) and xDome.
CTD and xDome were built with industrial environments in mind, with an unmatched suite of device discovery methods and by far the most extensive protocol coverage in the industry. The flexibility and unrivaled capability of the Claroty Platform, along with its integrations into best-in-class solutions such as CrowdStrike Falcon, enable organizations to see and secure devices, systems, and environments as never before. The close integration with Falcon allows network protection to be anchored across every endpoint, providing breadth and depth of security coverage for everything in the industrial environment. Device insights are also shared between Claroty solutions and Falcon, allowing for a holistic view of security posture.