Claroty announces expanded integration with CrowdStrike

Claroty has announced an expanded integration with CrowdStrike, a producer of cloud-delivered protection of endpoints, cloud workloads, identity and data.

Building on the API-based integration both companies announced at CrowdStrike’s Falcon 2022 conference between the Claroty Edge visibility solution and the CrowdStrike Falcon Discover for IoT module, the native integration includes a common methodology to discover, categorise and recognise assets, as well as joint research to continually improve device recognition. Claroty says that by enhancing the extended detection and response (XDR) capabilities of the CrowdStrike Falcon platform with comprehensive asset discovery in industrial environments, the integration gives visibility, protection and monitoring controls for the Extended Internet of Things (XIoT), including operational technology (OT), IoT and IT assets.

As organisations seek to modernise their industrial environments, they are connecting previously air-gapped OT assets to enterprise IT and the cloud, while also introducing new XIoT assets such as ‘smart’ lighting and HVAC systems. As a result, more CISOs have become responsible for securing their organisation’s cyber-physical systems; however, they lack the visibility they need to fully understand and mitigate the risks and vulnerabilities now facing them. This challenge is heightened by the inability to deploy traditional IT security solutions to these environments without disrupting mission-critical production processes.

Claroty says the native integration enables CrowdStrike Falcon Discover for IoT to provide contextualised, in-depth visibility by discovering and profiling all connected assets across industrial and enterprise environments. Once visibility is established, asset owners can deploy Claroty xDome, which integrates with the CrowdStrike Falcon platform, to reveal the risks and vulnerabilities of XIoT assets, map device-to-device communications and simplify the deployment of network security controls, and prioritise which devices require the most urgent attention, so security experts can focus their risk reduction efforts on the most vulnerable systems.

“While gaining visibility into industrial environments is the obvious first step, knowing what to do with that information is just as big of a challenge for security teams that are now charged with protecting them,” said Amol Kulkarni, Chief Product and Engineering Officer at CrowdStrike. “Organisations need a unified security platform that can provide deep visibility into cross-domain data and an understanding of their attack surface in order to make informed, risk-based decisions and improve their security posture.”

“As industrial environments become increasingly connected and exposed to new kinds of threat vectors, securing them while simultaneously maintaining operational resilience requires deploying specialised controls that cannot be achieved solely through traditional IT security methods,” said Grant Geyer, Chief Product Officer at Claroty. “Our expanded integration with CrowdStrike serves as the first step in our customers’ OT security journey and lays the groundwork for safely securing OT environments, across devices and networks, with the power of both CrowdStrike’s and Claroty’s platforms.”

Image: ©iStockphoto.com/iambuff