Asset Inventory for CPS Environments
The Asset Inventory Challenge
A full Extended Internet of Things (XIoT) asset inventory is the foundation of your cybersecurity journey, but gaining it requires overcoming the following key barriers:
Proprietary Protocols Prevail
Operational technology (OT), building automation systems (BAS), and other types of cyber-physical systems (CPS) use proprietary protocols that are simply incompatible with — and thus invisible to — generalized security tools.
Diverse Assets are the Default
CPS assets can have a decades-long lifespan, so your environment likely has a diverse mix of new and legacy devices that operate and communicate differently.
Network Complexity is the Norm
CPS environments often comprise complex network architectures that include serial or air-gapped sections and are widely distributed across multiple physical sites.
One-Size-Fits-All Inventory is a Myth
Passive monitoring is often touted as a 100% effective, one-size-fits-all method for asset discovery. This is false. A full XIoT asset inventory requires multiple methods.
“We chose Claroty because we knew we needed a tool that gave us full visibility into our production environment. You can’t protect what you don’t know is actually out there. Once you identify it, then you can protect it. Having a complete OT inventory, having that visibility, and knowing what assets are communicating, is imperative to be able to understand and protect your environment.”
How Claroty Tackles the Asset Inventory Challenge for CPS Environments
Broadest Coverage of Proprietary Protocols
Claroty provides unmatched visibility within cyber-physical systems (CPS) as a result of our deep domain expertise across industrial, healthcare, and public sectors. Recognizing that your CPS environment may have upwards of hundreds of proprietary protocols, our portfolio of solutions is compatible with your OT, IoT, IoMT, BAS, and other CPS. Claroty has long been the industry leader in protocol coverage.
Multiple Methods for Tailored Discovery
Since every CPS environment is unique, there is no one-size-fits all path to asset discovery. Complexities found in most environments limit the effectiveness of any single method — which is why Claroty offers multiple, highly flexible discovery methods that you can mix and match to gain visibility into your environment, your way. These include passive monitoring, safe queries, Claroty Edge, project file analysis, and ecosystem enrichment with third-party integrations.
Eliminate Guesswork with Visibility Orchestration
The unique nature and often complex communication of CPS render them challenging to profile right the first time communications are observed. Claroty automatically identifies gaps in asset profiles and recommends discovery techniques that can fill them based on nearly a decade of insights and expertise captured in our installed base. These recommendations are then orchestrated with organizations into a copiloted series of actions that result in the industry’s most comprehensive, in-depth asset profiles to drive additional CPS cybersecurity solutions.
Enriches Asset Inventory with Integrations
Claroty’s vast technical ecosystem includes ready-made integrations with CMDB, CMMS, and other inventory management tools that enable you to further optimize workflows with your existing tech stack. Leveraging your existing tech stack with Claroty helps to extend core cybersecurity controls from those solutions into your CPS environment.
Explore Additional Resources
Platform Overview
Claroty xDome
Datasheet
Claroty Edge
Product Walkthrough
Product Walkthrough: Industrial Asset Discovery
Claroty Demo