Claroty Platform Reviews

I was using Claroty to complete training assigned by my company. The courses were self-paced and helped me get certified in two additional certifications. I plan to use it further as I have a task list for future courses. It was primarily for certification and study materials.

The feature I like most about Claroty is the scoring mechanism that tracks your progress. Claroty assigns a score based on how well you are doing in the course. If you skip a video, your score decreases, making it essential to watch the content attentively.

We have two use cases. One is for OT cybersecurity in our industrial environment, and the other is for cybersecurity solutions for our IoT and IoT devices in our hospital.

There are two main features which really distinguish the product. The first is the protocol support for industrial protocols. They offer the most support available. 

Additionally, their SRA solution, the Secure Remote Access solution, is very useful for industrial environments. They also have an office in the region with their own sales and support team, and we have our own trained team to manage the first level of support.

I appreciate the active coding, deep inspection of packages, and data retrieval. The tool covers information about assets and attack vectors, which I find superior to other tools. Based on alerts, I create reports detailing how an attacker can penetrate the plant, both externally and internally.

Initially, I felt the Claroty Platform wasn't up to the mark for vulnerability management, but recent upgrades have been very helpful. The new features provide more detailed information, including CVE numbers and thorough explanations, such as for MS17-010 (WannaCry). This level of detail meets my expectations and allows me to determine how much of the plant's assets and devices would be compromised if a vulnerability is exploited. This information is crucial for reporting to the CISO.

I've reported four bugs and three feature requests so far. The main area of focus should be on how attacks are detected. The attack vector information needs to be more detailed. For example, it's not enough to state that an SMB v1 version open can lead to a WannaCry attack. A more detailed explanation should help clients understand the various ways an attack could occur.

I use the Claroty Platform to protect our operational technology (OT) environment. It is designed as an OT Security Operations Center (SOC) tool and provides secure remote access, integrating with both legacy and current systems without burdening the network's bandwidth.

The Claroty Platform ensures security without imposing significant delays. It boosts productivity while allowing secure remote access to engineers through advanced methods.

We use the solution to monitor the integrity and security level of events from the manufacturing flows in the OT or ICS environment. The main thing is to enhance the asset registry. Claroty has some capabilities, such as four types of asset collection modules that will enhance your asset registry or asset management.

The OT or ICS environment has control logic and air-gapped networks. People cannot collect information directly from each asset. The solution has some collection modules so that no one needs to collect the information in person. Using that collection method, we can directly give instructions to the network, and it will collect and pass the information into the dashboard.

The solution's asset management is really great compared to Dragos or Nozomi. The solution's technical support is also really good.

We use the solution in our company to monitor and manage all the ODE assets of all our plants, mainly in the United States. We're also implementing Claroty Platform in our Mexico plant.

The solution's most valuable feature is the map, which shows everything that is connected and communicates with each other. The solution's vulnerability management capabilities are good enough. It always tells us about vulnerabilities in real time so that we can take the next steps and fix everything.

We use it for asset management, threat detection, and vulnerability management.

Since industrial systems prioritize availability and we can't actively scan or query the network, Claroty helps us passively monitor the OT network. 

It provides an inventory, alerts us to the latest threats through cloud-integrated threat intelligence, and offers a detailed detection mechanism. 

Additionally, it identifies vulnerabilities that we can then address with the industrial teams.

There was a very big chunk of manufacturing sensors, and we had an OT, like environment, so we were unaware of the device getting installed there, after which we thought of installing Claroty Platform as a sensor to get an idea of the assets we have in our environment. Having an idea of the assets we have in our environment can help us create a kind of inventory and get to know about the vulnerabilities that our environment is having, which can then provide alerts.

The tool's best feature was the UI and the simplicity it offers. There are multiple vendors associated with OT monitoring background. Claroty Platform has everything in itself in a single package. The tool offers live monitoring, and you can also collect the data from an isolated environment and then fetch it inside Claroty Platform, which will give the details about it. The tool's dashboard was really good. If you want to highlight something to upper management or some other stakeholders, like how our environment is right now, then creating a dashboard and highlighting it in front of management would be quite useful.