NEW YORK, Sept. 13, 2023 /PRNewswire/ — Claroty, the cyber-physical systems (CPS) protection company, today announced enhancements to its SaaS platforms’ vulnerability and risk management (VRM) capabilities, further empowering security teams to evaluate and strengthen their organization’s CPS risk posture. The enhancements comprise a uniquely granular-yet-flexible risk scoring framework, features that enable vulnerability prioritization workflows to be up to 11 times more efficient than industry standards1, and support for the evolving Software Bills of Materials (SBOM) landscape.
This release reinforces Claroty’s commitment to tackling the most pressing issues facing CISOs and security teams across critical infrastructure sectors, including:
Furthermore, according to The 2023 Gartner® Market Guide for CPS Protection Platforms: “The number of vulnerabilities continues to grow at the same time as CPS patching remains very difficult. Most solutions: correlate the outputs from asset discovery with common vulnerability and exposures (CVE)/manufacturer recall databases and third-party vulnerability repositories, prioritize for known exploited vulnerabilities, flag unsecure application usage and default passwords, provide remediation guidance including alternative compensating controls, and provide a ticketing mechanism to track actions. More advanced solutions include: a mechanism to prevent IT scanners from touching CPS, provide a contextualized risk score based on asset criticality and likelihood of exploitability, and enhance findings and risk score with real world knowledge of their research teams.”2
The new enhancements to xDome and Medigate, Claroty’s SaaS-based solutions for industrial and healthcare organizations, respectively, build upon already-advanced VRM capabilities to now:
“CISOs and security teams face an increasingly uphill battle in mitigating the risk from obsolescent and insecure assets, as well as new vulnerability discoveries. Due to the uniqueness of CPS and critical infrastructure environments, patching everything is often impossible or too complex to execute,” said Grant Geyer, chief product officer of Claroty. “These VRM enhancements to the Claroty SaaS portfolio further equip our customers to answer their toughest cybersecurity questions: how to accurately assess risk, and which vulnerabilities to mitigate first based on how likely they are to be exploited in industrial, clinical, or other mission-critical environments.”
The KEV/EPSS, SBOM upload, and risk capabilities are all generally available now. Features enabling SBOM analysis and parsing will be available in Q4 2023.
To learn more about Claroty’s new VRM capabilities, visit the Claroty blog, download the xDome and Medigate VRM solution briefs, or request a demo. Claroty will also offer live demos at Crowdstrike Fal.Con 2023, taking place September 18-21 at Caesars Palace in Las Vegas, Nev., at booth #0705.
About Claroty
Claroty empowers organizations to secure cyber-physical systems across industrial, healthcare, public sector, and commercial environments: the Extended Internet of Things (XIoT). The company’s unified platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and secure remote access. Backed by the world’s largest investment firms and industrial automation vendors, Claroty is deployed by hundreds of organizations at thousands of sites globally. The company is headquartered in New York City and has a presence in Europe, Asia-Pacific, and Latin America. To learn more, visit claroty.com.