Network monitoring provider Claroty released a security posture assessment product and enhancements to its Continuous Threat Detection product.
This latest release, which broke last week at the ARC Industry Forum 2018 in Orlando, FL, incorporates real-time vulnerability monitoring and network hygiene insights with attack vector analysis, enabling industrial asset owners to fully protect revenue-generating industrial systems from rapidly growing threats.
“We know there are no silver bullets in security,” said Patrick McBride, vice president at Claroty at the ARC Forum. “Our customers need a solid tool set and they need it to be integrated.”
From US-CERT to the UK’s National Cyber Security Centre warnings and from ransomware to recent attacks on industrial safety systems, the exposure and probing of industrial control systems (ICS) is getting more urgent and concerning each day. C-suites and board members are taking notice and CISOs are becoming accountable, but protecting the networks that underpin critical industrial systems requires a comprehensive approach.
“Security teams simply don’t have the time or resources to knit together point products to protect their most important industrial assets from cyberattacks,” said Dr. Benny Porat, CTO and co-founder of Claroty. “We set out to build a comprehensive integrated suite of products designed specifically for protecting industrial networks. We were the first to combine extremely deep, end-to-end visibility into industrial networks with safe, passive threat monitoring. With today’s release, security and consulting teams can rapidly assess the security posture of industrial networks, and we have enabled customers to continuously monitor for new vulnerabilities and analyze pathways to their most important assets.”
These products are all part of the Claroty Platform and built on Claroty’s CoreX engine, which provides:
• Real-time Threat Detection including anomaly and signature-based detection for complete coverage of known and unknown threats, and analysis tools for ICS threat hunting.
• Continuous Vulnerability Monitoring enabling customers to uncover and remedy network configuration “hygiene” issues and identify assets with known vulnerabilities (CVEs).
• Secure Remote Access with policy- and workflow-based access control and session monitoring.
• Enterprise Scalability including a consolidated “single pane of glass” management console for multiplant environments and integration with existing security systems (e.g., SIEM, log management, security analytics, etc.).
• Cost-effective Deployments in remote, bandwidth- or compute-constrained environments, leveraging an advanced sensor-based architecture suitable for use cases such as electric transmission or oil/gas pipelines.
The new release of Claroty Continuous Threat Detection (Version 2.1) added enhancements including:
• Continuous Monitoring for Vulnerabilities and Network Hygiene Issues – Leveraging the same CoreX engine capabilities as Security Posture Assessment, customers receive real-time updates about industrial assets with known vulnerabilities. The system provides fine-grained CVE matching so customers don’t waste time on vulnerabilities that don’t apply to their specific environment. This new capability also includes ongoing detection of network configuration issues and other “network hygiene” weaknesses that can leave industrial networks exposed.
• OT Attack Vector Analysis – A completely new ability to generate specific scenarios simulating possible attack vectors that have the potential of compromising critical OT assets. This empowers security teams with the visibility to proactively mitigate risk and prioritize activities along the paths of greatest potential impact to their processes.
• Enhanced Threat and Vulnerability Intelligence – Claroty Research continues to expand its curated intelligence, adding to its knowledge base of indicators of compromise (IOCs) and ICS-specific vulnerabilities. This comprehensive threat and vulnerability feed enables improved detection, more precise threat identification, rapid situational awareness and up-to-date information about the latest weaknesses in industrial devices.