Claroty Platform Reviews

I think a lack of visibility into industrial assets is the main use case for Claroty Platform. Claroty Platform is a cyber-physical system security platform. Lack of visibility into industrial assets, insecure legacy operational technology environments, vulnerability management challenges, and detection of threats targeting industrial systems are key concerns. I think compliance and cybersecurity risks overall are important considerations.

I think the number one best feature of Claroty Platform is comprehensive operational technology asset visibility. It identifies unmanaged assets, provides context-rich insights, and helps organizations understand the OT environment.

As far as asset visibility is concerned, this has led to almost 90%, if not 100% increase in OT asset visibility and has reduced manual effort to an extent of almost 50 to 70% in terms of discovery.

There has been a significant reduction in terms of having unknown devices in the organization. As far as this manufacturing organization is concerned, they were having manual inventory assets which took months and months to understand what the operational technology assets were there. After implementation of Claroty Platform, the discovery took just weeks and saved hundreds of engineering hours annually for them.

I think there are some areas of weaknesses in Claroty Platform. The pricing could improve, as some of the features require licensing tiers and therefore the pricing could be higher. Claroty Platform could benefit from simpler licensing and pricing structures. The executive dashboard can improve as well, and they can expand their third-party integration. Additionally, their predictive AI-driven recommendations can be improved.

I think it does provide for very good behavior analysis through AI capabilities and risk prioritization, which is generally quite trustworthy. As the capability of AI enhances, I think it can provide for better risk recommendations.

Claroty Platform can have a better and simpler licensing arrangement. Their third-party integrations can expand. They can have better executive dashboards and more AI-driven predictive risk recommendations. I would rate them an eight for these reasons.

Dashboards, licensing, integrations, and AI-driven recommendations are areas for improvement. Probably one more to add is that they can have better and more enhanced automated remediation workflows.

I have been working in my current field for over 25 years.

Claroty Platform is stable.

I think Claroty Platform is a mature and scalable OT platform and it is designed for passive monitoring. There's very positive customer feedback that we have had regarding this. It is helpful even in very large deployments that we've seen from sensing and sensor sizing. The challenges are minor in deployment, planning, and visibility. I would rate them as nine out of ten as far as its stability is concerned.

I think this is one of the strengths of Claroty Platform. The platform is designed to support everything from a single plant to multiple plants, hundreds of sites, and thousands of connected devices, both OT and IoT. It supports multiple site deployment, large asset volumes, and distributed architecture. A major advantage is that this is agent-less and passive. This solves a lot of problems for many organizations that are growing. Therefore, Claroty Platform is highly scalable and well-suited for large organizations.

I think overall Claroty Platform customer support has been good and strong, particularly because of its deep OT and industrial cybersecurity experience. They understand operational environments, industrial protocols, and challenges of manufacturing, which is quite helpful.

There was no solution that was being used previously, so I did not switch from a different solution.

I think Claroty Platform deployments are generally smooth. The client did not face any issues because the platform is agent-less. The challenge was that the environment was large, with legacy systems. When you do the initial asset classification, you validate, which takes time. It's fairly acceptable as far as collaboration and implementation are concerned. The biggest deployment challenges are generally around asset complexity, network visibility, and alert tuning. All of these take a bit of time and do smoothen out within a few weeks. Within a few months, you're fully deployed.

Depending on the kind of support—standard or premium—it can be expensive, depending on what you choose. As far as ROI is concerned, I think there's a huge benefit of hundreds of labor hours saved because of automated discovery and continuous inventory and faster audits and risk assessments.

Claroty Platform is a premium platform regarding pricing, setup cost, and licensing. Licensing is based on asset count, platform modules, and number of sensors. Deployment can range from SaaS-based to on-premise or hybrid. For large enterprises with more than 10,000 assets, I think the investment could be as high as one million dollars.

I have evaluated Nozomi Networks, which also has pretty good OT visibility and threat detection capabilities. Otherwise, there was no other platform that we looked at. Nozomi has excellent visualization that we could find. They are both market leaders, but Claroty Platform provides for better asset context and is better for having a mature exposure management.

Claroty Platform has impacted my organization positively by reducing cyber risk, by making the incident detection faster, by improving compliance readiness, reducing operational downtime, and overall through better asset management.

One of the major strengths of Claroty Platform is its ability to integrate with the existing IT and security ecosystem. It's not a standalone OT tool. My client uses Microsoft and Splunk for SOAR. They use Splunk for vulnerability management, Tenable for vulnerability management, ServiceNow, and CrowdStrike. Claroty Platform integrates well with all of these through APIs and other connectors.

I would strongly recommend Claroty Platform for organizations that operate critical infrastructure, especially manufacturing, utilities, or having a very heavy OT environment. The success depends on treating it as a business risk reduction platform and not just another security tool.

Claroty Platform is not a compliance tool, if you're sincerely asking me, but it significantly helps organizations meet OT, IoT, and critical infrastructure security requirements. It does asset classification, identification, risk assessment, continuous monitoring, and incident detection. Organizations are able to meet most of the requirements of compliance, based on these capabilities. Asset inventory, vulnerability management, continuous monitoring, and audit reporting are all very valuable for organizations that want to meet NIST CSF, ISO 27001, and NIST 800-82 compliance requirements. Claroty Platform helps in meeting these regulatory requirements quite nicely.

Claroty Platform uses passive network monitoring to carry out protocol inspection, behavioral analytics, and threat intelligence. It focuses on early detection while minimizing operational disruptions. It detects threats using threat intelligence, risk prioritization, analytics, and inspection. It works with SIEM, SOAR platforms, and other incident management platforms to enable rapid investigation and containment as required.

Asset inventory and inventory management are Claroty Platform's strong capabilities. Before implementation, my client was struggling with incomplete asset inventories, unmanaged devices, unknown devices, and manual spreadsheets. Claroty Platform does the right sort of discovery. There's not much manual asset collection effort that is required. It provides for actionable inventory. It's not just a simple device list. It does the asset critical mapping. It does the integration with CMDB as well, through ServiceNow. After implementation of Claroty Platform, the visibility goes up to one hundred percent, which otherwise was probably in the range of 60 to 70 percent. This really has a lot of business impact on security, compliance, and operations.

I rate Claroty Platform an eight out of ten.

My clients are using the Claroty Platform for asset identification, finding CVEs and threat intel.

I am aware of the continuous threat detection feature of the Claroty Platform, and even if it is good to have, because my clients cannot solve it, they just focus on network segmentation and keep it that way. It is good to have, but they are not able to use it effectively for OT devices. They are using it effectively for Windows and other machines in the environment.

The Claroty Platform has been deployed as an OS, making it very easy to deploy the tool. There is not a lot of technical knowledge required. There are clear configuration guidelines, and when you go on the site and implement it, it is very easy to complete.

Regarding the cons of the Claroty Platform, it is not about the deployment, but rather the identification. The Claroty Platform becomes too noisy when it gives numerous CVEs related to vendor match. Sometimes, these CVEs are not actually related to the device in the firmware at the site.

The Claroty Platform identifies effectively but sometimes identifies many CVEs which might not be the actual issue in certain scenarios.

I have deployed different versions for around three to four years. I am not continuously using it.

The maintenance of the Claroty Platform is straightforward. Their support team is really good.

The way the Claroty Platform has considered and included the active scanning part has made it quite scalable.

Their support team is really good.

I can rate support for the Claroty Platform from one to ten as eight to nine.

Their support for the Claroty Platform is excellent.

I install Tenable.ot in addition to deploying the Claroty Platform.

If we compare the Claroty Platform with Tenable, there are significant differences, as detection of the Claroty Platform is much better than Tenable.

The collaborations that Claroty has with numerous OEMs and OT vendors make the passive scanning of the Claroty Platform far better than Tenable.

It depends on cost-benefit analysis. If my infrastructure is critical infrastructure, the Claroty Platform saves time and resources. If my infrastructure is a very low-cost manufacturing where production stopping for half an hour does not impact much, then the Claroty Platform becomes costly. For critical infrastructure, it provides significant cost-benefit and saves substantial money.

I would agree that the solution is expensive. That is one issue that the Claroty Platform has.

I would rate the pricing of the Claroty Platform from one to ten around seven to eight.

I am using the Claroty Platform but not using Armis.

They might be able to integrate AI into the Claroty Platform when they are creating attack vectors.

I have had a very good experience with the Claroty Platform. If implemented properly, it works effectively, so I would rate it around eight to nine out of ten.

I was using Claroty to complete training assigned by my company. The courses were self-paced and helped me get certified in two additional certifications. I plan to use it further as I have a task list for future courses. It was primarily for certification and study materials.

The feature I like most about Claroty is the scoring mechanism that tracks your progress. Claroty assigns a score based on how well you are doing in the course. If you skip a video, your score decreases, making it essential to watch the content attentively.

Adding more features, perhaps more interactive ones, would help. Introducing an AI chatbot to assist you when you have doubts could be beneficial. 

Occasionally, I face a login problem despite entering the correct password. Addressing this issue could improve user experience.

I have been using Claroty for around one year.

Sometimes I face login problems where I cannot log in despite entering the correct password. This issue could be related to a bug. Overall, I would rate the stability as eight out of ten (8/10).

I would rate the scalability as eight or nine as the only issue faced was with login challenges, which could be improved.

I have contacted the support team once and received an immediate response via email, which was satisfactory.

Positive

My team worked with the Claroty team for deployment, which was smooth. Although I was not directly involved in the front-end of the deployment, my team was able to perform passive deployments for some clients, and it was quite straightforward with Claroty's professional help.

Claroty is very beneficial for learning and adds value to your resume. After seeing Claroty certification, I received messages from recruiters. 

I would rate Claroty nine out of ten (9/10) as there is always room for improvement and they could add more features.

We are a proposal team and normally use these products for our network security solution proposals. We propose it to our customers, mainly in the Singapore region, as our Singapore affiliate is primarily using Claroty Platform.

All of our end users are oil and gas companies, including refineries and petrochemical complexes.

Unless we use Claroty Platform hands-on, I will not be able to provide specific insights, because we are more of a budgeting or proposal team, normally dealing with issues like warranties and pricing. When it comes to actual technical usage, that is a different team.

Our customers buy the solution from us; we give a solution instead of them purchasing directly from Claroty Platform or the AWS marketplace.

More modularity would be helpful for Claroty Platform to improve its competitiveness.

It is on and off. For the last three to four years, we are hearing about Claroty Platform quite often.

There are no stability issues at the moment.

There are no scalability issues.

I would suggest contacting our engineering, as we are from the proposal team and don't have hands-on experience using these products, including Claroty Platform.

Support-wise, they have no issues according to what we hear from them.

The pricing is discouraging. We get inclined towards cost-effective options because of the overall project scenario. Network security is a big component nowadays in an overall project.

Our different execution team is there to handle it, but overall, the product is pretty easy to deploy and integrate with the existing system.

The subscription durations are higher, and the prices are also more competitive compared to Claroty Platform.

Regarding pricing, alternative solutions have more flexibility in subscriptions regarding the number of years, and we can customize them much better.

Alternate solutions are popular in my region, but they are quite a costlier option.

Claroty Platform is quite professional, and I would rate it an eight out of ten.

We have two use cases. One is for OT cybersecurity in our industrial environment, and the other is for cybersecurity solutions for our IoT and IoT devices in our hospital.

There are two main features which really distinguish the product. The first is the protocol support for industrial protocols. They offer the most support available. 

Additionally, their SRA solution, the Secure Remote Access solution, is very useful for industrial environments. They also have an office in the region with their own sales and support team, and we have our own trained team to manage the first level of support.

If more AI features could be included with the Clarity solution, it would be feasible for everybody. As AI is booming now, there are concerns about AI security. 

There should be AI security solutions implemented. This should be a priority for vendors as they invest in AI-enabled solutions because AI security is a concern for everyone.

I have been using it for almost two years.

Until now, based on our experience, we have had no performance issues at all.

The solution did scale well.

Customer service is number one and the best.

Positive

There were two scenarios where people were using other solutions, such as Nozomi. They faced many pain points with Nozomi. During the POC with Clarity, the client was amazed by the performance and the difference between Clarity and Nozomi and Traverse. They decided to replace their Nozomi system with Clarity. For one Miami customer, they also used Nozomi yet lacked proper visibility solutions with the detection.

The initial setup is straightforward and not complex at all.

We follow a self-process. As soon as we find an opportunity, we present our solution and arrange technical presentations. Then we conduct a POC or POV and proceed accordingly.

There are various cases we've shared with our clients, and it always results in a positive way.

The cost is as per the standard market. It is neither too high nor too low. The pricing is similar to Nozomi and DriveWell.

I have not worked directly with Nozomi but have encountered them as a competitor in our market. Their advantage is that they entered the Middle East market early, which is why they have a good number of installations.

We have tried others, but unfortunately, their performance was not as good. Performance was better with Claroty. One should always check performance, protocol availability, and quick response time, which is a key strength when comparing Clarity with other vendors. 

I rate the overall solution eight out of ten.

We use the solution to monitor the integrity and security level of events from the manufacturing flows in the OT or ICS environment. The main thing is to enhance the asset registry. Claroty has some capabilities, such as four types of asset collection modules that will enhance your asset registry or asset management.

The OT or ICS environment has control logic and air-gapped networks. People cannot collect information directly from each asset. The solution has some collection modules so that no one needs to collect the information in person. Using that collection method, we can directly give instructions to the network, and it will collect and pass the information into the dashboard.

The solution's asset management is really great compared to Dragos or Nozomi. The solution's technical support is also really good.

Currently, we are facing some issues on the manufacturing floor. Claroty Platform collects the latest information, but instead of incorporating it into the right asset, it creates new assets in the asset inventory. For example, it has used a different IP address for the same asset through the DHCP server. Instead of merging those two assets into a single one, Claroty Platform creates a duplicate.

There are some misconceptions about alert description areas. The tool does not properly throw the right description for the relevant alerts. If it's a denial of service, it shows some other improper description there. The solution also shows some improper activity information in the dashboard.

We face issues in the alert investigation area because it does not properly give the alert communication patterns. I don't know whether the problem is with the network segmentation or with Claroty. I feel Claroty should take some more steps to improve it.

The tool also has the capability to give the PCAP for every alert. However, it does not give proper information in the PCAP file for a few PCAPs, such as a host scan or port scan. When I used to search in Wireshark or Tshark, it did not properly give a whole conversation between the source and the destination.

I have been using Claroty Platform for one year and seven months.

The solution's 4.9.1 version is really good, and we didn't encounter any bugs. However, it's all about network segmentation and how manufacturing follows the asset registry. If they do not properly perform network segmentation, Claroty cannot provide robust information in the dashboard.

Around seven to eight people are using the solution in our organization.

We have contacted the solution's support team multiple times for many issues with bugs in previous versions. Sometimes, when we try to download some of the latest vulnerabilities or insights from Claroty, we get a 500 internal error. The support team rectified this and solved it in the latest update.

I rate the technical support seven and a half out of ten.

Neutral

We previously used Armis. We switched to Claroty Platform because Armis does not have asset management capabilities like Claroty.

We have hosted the solution on VMware. Previously, we used the on-premise machine from Claroty, but we changed it to a virtual machine due to some resource constraints.

The solution has a lot of issues regarding the alert investigations. Recently, it pushed its latest update to 5.0.1, and they have totally moved to the Ubuntu OS. Claroty claims it has rectified several issues and provided solutions for those in that latest version.

I would recommend the solution to other users. However, Claroty is not good for a power grid environment. It is easy for a beginner to learn to use Claroty Platform for the first time. I started working on the solution after I finished college. It was new for me, but I slowly learned it, and now I am in an admin position.

Overall, I rate the solution seven and a half out of ten.

I use the Claroty Platform to protect our operational technology (OT) environment. It is designed as an OT Security Operations Center (SOC) tool and provides secure remote access, integrating with both legacy and current systems without burdening the network's bandwidth.

The Claroty Platform ensures security without imposing significant delays. It boosts productivity while allowing secure remote access to engineers through advanced methods.

The platform ensures security without imposing significant delays. It boosts productivity while allowing secure remote access to engineers through advanced methods. It provides seamless integration with legacy systems and supports both passive and active reconnaissance. The ability to detect and classify assets, assess vulnerabilities, and manage patches and updates effectively is highly beneficial.

There is room for improvement in the user interface to make it more vibrant and interactive, similar to IT tools. Improvements could also be made in the Secure Remote Access (SRA) user interaction and graphical representations of recordings. Additionally, reducing the overall cost of hardware and software solutions would be beneficial.

I have been using the Claroty Platform for about three years.

The platform runs with minimal delays and effectively manages workloads without intruding on the network, indicating a stable performance.

The Claroty Platform offers a scalable solution that accommodates both cloud and on-premise deployments, integrating seamlessly with existing infrastructure and supporting legacy systems.

The support is prompt, and the technical team provides training and assistance as required. Despite time zone differences causing slight delays, their response and support are effective and proactive.

Positive

I have used other products like Honeywell Amir, Nozomi, Vervetek, and others, but I found Claroty to be more rugged and suited for enterprise environments.

The initial setup requires certain certifications, which ensure a smooth integration process with Claroty's support.

The implementation was supported by a team from Claroty, ensuring compliance with required certifications for deployment.

The cost of the Claroty Platform is comparatively high, however, the ruggedness and comprehensive security features justify the investment.

Other solutions I evaluated include Honeywell Amir, Nozomi, Vervetek, and others.

Based on my experience, I would rate the overall solution eight out of ten.

Claroty provides a robust solution for OT environments, though improvements in user interface and cost are recommended.

We use it for asset management, threat detection, and vulnerability management.

Since industrial systems prioritize availability and we can't actively scan or query the network, Claroty helps us passively monitor the OT network. 

It provides an inventory, alerts us to the latest threats through cloud-integrated threat intelligence, and offers a detailed detection mechanism. 

Additionally, it identifies vulnerabilities that we can then address with the industrial teams.

Threat detection and vulnerability management are the most valuable features. There are also custom rules that help reduce noise and ensure we receive meaningful alerts and events.

The vulnerability management capabilities that helped mitigate potential threats have been very helpful. Claroty identifies all vulnerabilities available in our environment, and while the tool provides the information, a skilled team is needed to manage and address these vulnerabilities effectively. It can also be integrated with third-party vulnerability management tools for a unified view, where all the vulnerabilities can be displayed and prioritized based on asset criticality.

It is easy to integrate Claroty into our existing system. 

There are a few protocols that Claroty doesn't currently support.

I have been using it for five years. 

I don't face stability issues often but there have been a few issues during upgrades that Claroty's support team has addressed.

It's all right in terms of scalability. I would rate the scalability an eight out of ten.

The customer service and support are really good and helpful, both in terms of response time and knowledge.

I've worked with Tenable OT, Defender for IoT, and Nozomi Networks, as I've been in this field for seven to eight years.

It's a bit expensive compared to other solutions.

Overall, I would rate it a nine out of ten. Claroty is a good tool for anyone wanting to get started with understanding their OT network risk posture. It provides valuable insights into vulnerabilities without disrupting the network.

I would recommend it to others. 

We use the solution in our company to monitor and manage all the ODE assets of all our plants, mainly in the United States. We're also implementing Claroty Platform in our Mexico plant.

The solution's most valuable feature is the map, which shows everything that is connected and communicates with each other. The solution's vulnerability management capabilities are good enough. It always tells us about vulnerabilities in real time so that we can take the next steps and fix everything.

I have been working with Claroty Platform for one and a half years as a user. I also used to be a presales engineer and sold the solution for around five years. So, I have a total of six and a half years of experience with Claroty Platform.

We’ve never had any issues with the solution’s stability.

Scaling the solution is easy enough and not difficult. We have about ten people managing the solution at each site. A global security operation center manages the main solution, and around 30 to 40 people work with it.

I rate the solution’s scalability a nine out of ten.

The solution's technical support is awesome. There's always someone who can help you with anything.

I also use other tools like Nozomi, Tripwire, and Cyber Vision.

We've always had a good experience using the solution. With Claroty Platform, we can reach everything and see everything. It also helps us review any vulnerabilities. During the CrowdStrike issue a week and a half ago, Claroty Platform helped us with the PCs that went down. So, it's a very good tool.

Claroty Platform is a very easy tool. It was very easy to use the first time I looked at the tool as a pre-sales engineer. Then, I had a couple of training sessions. We had a new version of the solution a couple of months ago, and it's still very easy to use. I think everyone can use it. The tool may not be easy for some people, but it can be done with training.

It's easy to integrate Claroty Platform with the rest of our tools. The solution is worth the money. I would recommend Claroty Platform to other users because it's a very good monitoring tool. It's the best and most powerful monitoring tool in the market.

Overall, I rate the solution ten out of ten.

There was a very big chunk of manufacturing sensors, and we had an OT, like environment, so we were unaware of the device getting installed there, after which we thought of installing Claroty Platform as a sensor to get an idea of the assets we have in our environment. Having an idea of the assets we have in our environment can help us create a kind of inventory and get to know about the vulnerabilities that our environment is having, which can then provide alerts.

The tool's best feature was the UI and the simplicity it offers. There are multiple vendors associated with OT monitoring background. Claroty Platform has everything in itself in a single package. The tool offers live monitoring, and you can also collect the data from an isolated environment and then fetch it inside Claroty Platform, which will give the details about it. The tool's dashboard was really good. If you want to highlight something to upper management or some other stakeholders, like how our environment is right now, then creating a dashboard and highlighting it in front of management would be quite useful.

In my company, we have done PoC on multiple vendors, and at that point, we figured out what improvements are needed in Claroty Platform. When we talk about vulnerabilities, Claroty Platform only gives the vulnerabilities based on the make and model of the devices, so it doesn't provide any resolution or any detailed explanation of how one can resolve such issues. From a vulnerability point of view, if you want to do vulnerability management, that will be a little bit of a difficult task with Claroty Platform because most of the time, we will have to figure out how to resolve it and whether patches are available for this particular device or version of the software which we are using.

I have been using Claroty Platform for two years. I am a user of the tool.

It is a stable solution. I haven't faced any breakdown in the environment.

My company had eight locations, and we deployed only two. The tool was managed by four people. One person was to look after the administration and other people were to respond to the incidents and alerts happening in the tool.

My company had multiple discussions with Claroty's support, and their team was quite responsive. There were some incidents where we were unable to figure out some things within Claroty from a knowledge point of view, and that was where the tool's support team helped us. I rate the technical support a seven out of ten.

Neutral

The product is difficult to deploy because, like everyone in manufacturing, all the locations and other areas are not nearby. The stations, power stations, and devices are not nearby. Sometimes, we will have to introduce new technologies within the environment to transfer the data to the sensor. The tool's deployment is a bit hectic. The tool's deployment will be smooth once we figure it out. One needs to think about the tool before deploying it.

The solution is deployed on an on-premises model in the security center for threat detection.

The tool was deployed with the help of the solution's partner.

The tool is quite expensive. I would not say it is not a cheap tool. All the major companies offering any particular OT monitoring tool, provide the same product.

In my company, I was the one who initiated the need to have the product. After my company had dealt with a number of PoCs from different vendors, Claroty Platform was the one we chose from the list containing Microsoft Defender for IoT and Tenable. Our basic requirement was to get an idea of the devices that we have in our environment and then connect it with the main data center. Claroty Platform was a mature product at a time when Microsoft Defender for IoT and Tenable were still struggling to set up their software requirements. My company went ahead with Claroty Platform as it was a mature tool at that point. I am not using Claroty Platform right now, so I can't say much about it.

I cannot suggest anyone use Claroty Platform directly, and I would request others to list down their requirements. If your requirements and infrastructure are such that you can deploy your physical devices for multiple locations, then I would suggest you go ahead with Claroty Platform. If you have some other kind of infrastructure with cloud deployments in your company, then I would suggest you look for products other than Claroty Platform. Microsoft Defender for IoT works well in the cloud if you have Azure deployments. If you have physical deployment going on, you should go ahead and install Claroty Platform.

I rate the tool an eight out of ten.