Claroty Platform Reviews

I was using Claroty to complete training assigned by my company. The courses were self-paced and helped me get certified in two additional certifications. I plan to use it further as I have a task list for future courses. It was primarily for certification and study materials.

The feature I like most about Claroty is the scoring mechanism that tracks your progress. Claroty assigns a score based on how well you are doing in the course. If you skip a video, your score decreases, making it essential to watch the content attentively.

My clients are using the Claroty Platform for asset identification, finding CVEs and threat intel.

I am aware of the continuous threat detection feature of the Claroty Platform, and even if it is good to have, because my clients cannot solve it, they just focus on network segmentation and keep it that way. It is good to have, but they are not able to use it effectively for OT devices. They are using it effectively for Windows and other machines in the environment.

The Claroty Platform has been deployed as an OS, making it very easy to deploy the tool. There is not a lot of technical knowledge required. There are clear configuration guidelines, and when you go on the site and implement it, it is very easy to complete.

We have two use cases. One is for OT cybersecurity in our industrial environment, and the other is for cybersecurity solutions for our IoT and IoT devices in our hospital.

There are two main features which really distinguish the product. The first is the protocol support for industrial protocols. They offer the most support available. 

Additionally, their SRA solution, the Secure Remote Access solution, is very useful for industrial environments. They also have an office in the region with their own sales and support team, and we have our own trained team to manage the first level of support.

I use the Claroty Platform to protect our operational technology (OT) environment. It is designed as an OT Security Operations Center (SOC) tool and provides secure remote access, integrating with both legacy and current systems without burdening the network's bandwidth.

The Claroty Platform ensures security without imposing significant delays. It boosts productivity while allowing secure remote access to engineers through advanced methods.

We use the solution to monitor the integrity and security level of events from the manufacturing flows in the OT or ICS environment. The main thing is to enhance the asset registry. Claroty has some capabilities, such as four types of asset collection modules that will enhance your asset registry or asset management.

The OT or ICS environment has control logic and air-gapped networks. People cannot collect information directly from each asset. The solution has some collection modules so that no one needs to collect the information in person. Using that collection method, we can directly give instructions to the network, and it will collect and pass the information into the dashboard.

The solution's asset management is really great compared to Dragos or Nozomi. The solution's technical support is also really good.

I appreciate the active coding, deep inspection of packages, and data retrieval. The tool covers information about assets and attack vectors, which I find superior to other tools. Based on alerts, I create reports detailing how an attacker can penetrate the plant, both externally and internally.

Initially, I felt the Claroty Platform wasn't up to the mark for vulnerability management, but recent upgrades have been very helpful. The new features provide more detailed information, including CVE numbers and thorough explanations, such as for MS17-010 (WannaCry). This level of detail meets my expectations and allows me to determine how much of the plant's assets and devices would be compromised if a vulnerability is exploited. This information is crucial for reporting to the CISO.

I've reported four bugs and three feature requests so far. The main area of focus should be on how attacks are detected. The attack vector information needs to be more detailed. For example, it's not enough to state that an SMB v1 version open can lead to a WannaCry attack. A more detailed explanation should help clients understand the various ways an attack could occur.

We use it for asset management, threat detection, and vulnerability management.

Since industrial systems prioritize availability and we can't actively scan or query the network, Claroty helps us passively monitor the OT network. 

It provides an inventory, alerts us to the latest threats through cloud-integrated threat intelligence, and offers a detailed detection mechanism. 

Additionally, it identifies vulnerabilities that we can then address with the industrial teams.

We use the solution in our company to monitor and manage all the ODE assets of all our plants, mainly in the United States. We're also implementing Claroty Platform in our Mexico plant.

The solution's most valuable feature is the map, which shows everything that is connected and communicates with each other. The solution's vulnerability management capabilities are good enough. It always tells us about vulnerabilities in real time so that we can take the next steps and fix everything.