Claroty’s close partnership with CrowdStrike has always been fueled by our shared mission to protect our customers’ most critical assets. We’ve taken many steps to further this mission in recent years, including releasing technical integrations to help optimize asset discovery and threat detection for our industrial and healthcare customers, publishing collective guidance on securing industrial and healthcare cyber-physical systems, and becoming a founding member of the CrowdXDR Alliance, an open coalition formed to deliver unified Extended Detection and Response (XDR) coverage across an organization’s entire ecosystem. These earlier initiatives have all helped pave the way to Claroty’s latest step forward with CrowdStrike: supporting the industry’s first-ever bidirectional network detection and response (NDR) integration.
Unveiled today at Fal.con as part of CrowdStrike’s new Discover for IoT module for its Falcon platform, the new integration aims to tackle security blind spots perpetuated by the visibility limitations and unmanaged assets prevalent in operational technology (OT) and internet of things (IoT) environments. More specifically, as the rapid growth of the Extended Internet of Things (XIoT) accelerates convergence between these environments and their information technology (IT) counterparts, organizations are facing an increasingly complex attack surface.
Minimizing this XIoT attack surface and, ultimately, protecting against threats seeking to exploit it requires a holistic strategy powered by real-time visibility into all traffic and both managed and unmanaged assets enterprise-wide. This caliber of visibility is precisely what CrowdStrike’s new, Claroty-supported NDR integration delivers. By combining, enriching, and correlating data from CrowdStrike-managed endpoints, Claroty-discovered assets (including both managed and unmanaged), and Claroty-examined network context from across the entirety of an organization's OT, IoT, and IT environments, the integration empowers decision-makers to:
Gain continuous, unified visibility into all XIoT (including OT, IoT, IT, and more) assets and key identifiers including vendor, OS, firmware, installed applications, configurations, and other details integral to a strong security posture and related use cases.
Understand the full context of all XIoT network traffic, what constitutes normal versus abnormal traffic, how the XIoT assets spanning OT, IoT, and IT environments communicate, and additional network context that can be used to optimize workflows in areas ranging from asset management, to segmentation, to incident response.
Eliminate XIoT security coverage gaps by easily revealing unmanaged assets and harnessing actionable insights to confidently manage or otherwise secure them.