Network monitoring provider Claroty gained certification with the RSA NetWitness Suite.
After collaboration and testing by the Claroty Platform is capable of sharing information with RSA to assist security teams with forensic analysis and incident response related to abnormal and malicious behavior in critical infrastructure and other OT networks.
The Claroty Platform provides protection, detection and response capabilities for ICS/OT networks. The platform monitors industrial networks for cyber threats. Continuous threat detection creates a detailed inventory of industrial network assets, identifies misconfigurations, monitors traffic between assets, and finds anomalies that may indicate the presence of a malicious actor. Context-rich alerts provide plant and security personnel with actionable insights for efficient investigation, response and recovery.
“This interoperability comes at a time of increasing danger for the world’s industrial control systems and critical infrastructure networks,” said Benny Porat, co-founder and CTO of Claroty. “Attack volume – and the number and type of threat actors behind those attacks – are evolving in this space at a rapid and alarming pace.”
“At RSA, we recognize that there are serious challenges in the area of ICS security,” said Matthew Chase, senior manager of technical alliances at RSA. “We’re overcoming those challenges by working with Claroty, and this certification marks an important step in our collaboration.”
When configured on sites of customers of the Claroty Platform and the RSA NetWitness Suite, every new alert generated by the Claroty Platform (or the resolution of an alert) and the events associated with it, will be sent through to the RSA NetWitness software to help provide a unified view in the full context of the organization’s security monitoring.
Click here for more information on the interoperability pact, including detailed installation guides.