
CLAROTY FEDERAL

Get on the Journey!

An OT - Cyber Physical Security Journey for the US Federal Government

Whether securing CPS or OT for the Zero Trust Executive Order, the DoD ZTRA, a BOD or another initiative, it is necessary to break your effort into identifiable, achievable steps. These steps are realized across an OT - CPS security journey that is iterative rather than linear. The journey starts with awareness of the breadth of the OT assets that you are responsible for, rely upon, and must secure. It can be considered an OT-specific summary that can address the DoD ZTRA Target and Advanced Levels and correlates to BODs such as 23-01, which addresses the first step in the journey.

Asset Visibility

You can’t protect, or build a security strategy for, assets you are blind to. Identify every CPS asset, leaving no device unaccounted for in assessing risk. A common complaint is that organizations know they have more assets, but their current solution hasn’t discovered or identified each device, much less its current security posture. In other cases, organizations have not prioritized the security of their OT assets within their asset inventory and governance program. This can leave doubt and concern, knowing that you cannot see all of your potential cyber attack surface.

What Claroty can do:

The Claroty Platform uses a precision-driven and “right-for-me” approach to asset
discovery. Recognizing that no two CPS networks are identical, The Platform employs multiple, distinct
discovery methods to:

  • identify every asset across your OT environments – ICS/SCADA, IoT, BMS/BAS, Physical security –
    down to the details of each line card, where applicable,

  • create the industry’s most comprehensive, in-depth asset profiles, the accuracy of which enables
    more effective risk reduction, and

  • create a network baseline - identify protocols in use, communication paths between assets, and the
    timing and patterns of communication expected from the identified assets.

Exposure Management

Swiftly identify all manner of exposure across your CPS environment. To do this, you need to know which of your assets have existing vulnerabilities and which are KEVs. You also need to understand process integrity issues and human errors such as misconfigurations and their relative impact. Together, these form the basis of a comprehensive exposure management strategy. Doing this effectively requires the utmost accuracy and detail from the previous Asset Visibility step.

What Claroty can do:

The Claroty Platform takes into account vulnerability factors including CVEs and exploitation status, EoL devices and insecure protocols, anomalies from the behavioral baseline you’ve established, and other potential exposures across your network.

The Platform can then:
  • identify weak links in your cyber posture,

  • make prioritized asset-specific recommendations and compensating controls for remediation,

  • automate the establishment of virtual zones as a precursor to microsegmentation, and

  • track and report on device utilization to help identify offline or underutilized devices for operational and financial efficiency.

Secure Access

Exposures can include access into your assets and networks, and as such, access can be your weakest link. Whether you operate in remote, geographically challenging locations, rely heavily on vendor support for your systems, or otherwise need to enable access to staff and others at home, afield or afloat, access control is central to your security. Air-gapped or segmented networks can make this step more challenging with a maze of firewalls, VPNs, jump servers, and multiple authentication steps. This complexity means a broader attack surface and opportunities for failure. But OT assets regularly need to be accessed by internal users and third-party vendors.

What Claroty can do:

With the only purpose-built secure access solution, The Claroty Platform has the industry’s deepest asset profiles and policies to provide privileged access and identity management & governance for first and third-party users. The Platform provides quick and reliable access with:

  • Zero Trust-based access controls

  • Streamlined access for third and “fourth” parties

  • Full auditing and screen recording of remote sessions

  • Auto-shutdown of suspicious or unwanted remote sessions

  • Role Based Access Control (RBAC)

  • and more

Continuous Monitoring/Threat Detection

Continuously monitoring Federal OT and CPS assets and networks is a critical need. Doing so, as part of attack surface management, means detecting threats swiftly while reducing operational impact. Not all threats to these specialized networks are created equal, and effective attack surface management for them means:

  • understanding the differences between OT/CPS and IT networks,

  • recognizing and being able to act upon OT/CPS security-related threats as well as process control anomalies, and

  • applying compensating controls and other mitigations that consider operational sensitivities and reduced downtime.

Having established accurate and ongoing asset visibility and exposure management in the earlier steps, Federal organizations have the right foundation to enact continuous monitoring for swift and effective threat detection.

What Claroty can do:

The Claroty Platform was designed to provide early identification of OT and CPS threats with:

  • 5 detection engines to identify all threats to these specialized networks – known threat attacks, zero-day attacks, and attacks involving sophisticated OT to process anomalies and human error,

  • in-depth knowledge of OT- and broader CPS-specific protocols, configurations and communications to provide context and recommendations,

  • integration with the leading security vendor products to enforce Claroty Platform-provided OT and CPS-specific policies, and

  • events, alerts and stories that regularly communicate to operators and security staff the current and ongoing status of the environment.

The Claroty Platform helps in each critical step of this journey - from discovering every cyber physical asset across your networks, to baselining normal OT behavior and understanding and addressing all manner of exposure, to securing all forms of access to your OT assets and networks, and continuously monitoring your assets and networks to swiftly detect and remediate threats. Maintain the security of every ICS/SCADA, BMS, physical security and IoT asset. Enforce least privilege and zero trust. Prevent lateral movement while modernizing your networks. Address BODs, Memorandums, programs and initiatives – on time and with confidence.

Claroty Demo

Want to learn more about how the Claroty Platform can empower your CPS cybersecurity journey?
