Claroty, a cyber-physical systems (CPS) protection company, has announced significant enhancements to its Software-as-a-Service (SaaS) platforms’ vulnerability and risk management (VRM) capabilities. These improvements aim to empower security teams in evaluating and strengthening the risk posture of their organization’s CPS infrastructure.
One key enhancement is the introduction of a uniquely granular-yet-flexible risk scoring framework. This framework takes into account an expanded range of factors that can increase risk, as well as compensating control improvements that can mitigate risk. This more accurate risk scoring system allows customers, even those new to CPS security, to calculate their risk posture immediately and take prioritized actions to protect their operations.
In addition, Claroty’s enhancements enable vulnerability prioritization workflows to be up to 11 times more efficient than industry standards. By automatically assigning CPS vulnerabilities to priority groups based on the latest indicators from the Known Exploited Vulnerabilities (KEV) catalog and the Exploit Prediction Scoring System (EPSS), security teams can focus their remediation efforts on the vulnerabilities that threat actors are most likely to exploit. This approach ensures that resources are not wasted on vulnerabilities that are less likely to be targeted.
Another important capability of the enhanced platform is support for the evolving Software Bills of Materials (SBOM) landscape. Recent regulatory developments have highlighted the importance of SBOMs in software supply chain risk management. Claroty now allows customers to upload SBOMs, view those uploaded by their peers, and support related workflows. This feature enables organizations to better understand the risk implications of their software supply chain and take appropriate actions to mitigate those risks.
Claroty’s enhancements come at a time when more Chief Information Security Officers (CISOs) are responsible for assessing CPS risk posture. According to estimates, 95% of critical infrastructure CISOs are now responsible for securing both IT and CPS. Of those, 98% must also quantify and account for their organization’s CPS risk posture in the broader risk score shared with executive leadership. The mounting financial and regulatory pressures, combined with the shortcomings of existing risk assessment toolkits, have made these responsibilities even more challenging for CISOs.
Additionally, the reality of managing CPS vulnerabilities is at odds with conventional wisdom. Despite nearly 70% of CPS vulnerabilities disclosed in 2022 receiving a CVSS v3 severity score of “high” or “critical,” less than 8% of these vulnerabilities have been exploited, according to Claroty’s State of XIoT Security Report: 2H 2022. This discrepancy raises concerns about the effectiveness of prioritizing remediation solely based on CVSS scores. It suggests that security teams may be overwhelmed and misdirecting resources towards vulnerabilities that are less likely to be exploited, while overlooking those that are more likely.
Claroty’s enhancements to its xDome and Medigate SaaS-based solutions for industrial and healthcare organizations build upon the already-advanced VRM capabilities. The new risk scoring framework delivers a transparent and granular way to quantify CPS risk posture. Customers can also tailor the risk calculations to align with their existing Governance, Risk, and Compliance (GRC) processes and risk priorities. Moreover, the enhancements enable customers to prioritize vulnerabilities based on exploitation likelihood, asset criticality, and impact.
“CISOs and security teams face an increasingly uphill battle in mitigating the risk from obsolescent and insecure assets, as well as new vulnerability discoveries,” said Grant Geyer, Chief Product Officer of Claroty. He emphasized that these enhancements equip customers to accurately assess risk and prioritize mitigation steps in mission-critical environments.
The new capabilities, including KEV/EPSS, SBOM upload, and risk calculations, are now generally available. Further features enabling SBOM analysis and parsing will be available in the fourth quarter of 2023.
Claroty, headquartered in New York City, empowers organizations to secure cyber-physical systems across various sectors, including industrial, healthcare, public sector, and commercial environments. Its unified platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and secure remote access. Backed by major investment firms and industrial automation vendors, Claroty is deployed by hundreds of organizations at thousands of sites globally. The company has a presence in Europe, Asia-Pacific, and Latin America.
To learn more about these VRM capabilities, interested parties can visit the Claroty blog, download the xDome and Medigate VRM solution briefs, or request a demo. Claroty will also showcase live demos at Crowdstrike Fal.Con 2023, taking place from September 18-21 at Caesars Palace in Las Vegas, Nevada, at booth #0705.