Claroty Security Posture Assessment
The Claroty Security Posture Analysis is an offline assessment product that provides security teams with visibility and insights into the OT network’s security risk posture.
Claroty Security Posture Assessment - The tool consumes a PCAP (packet capture) data file, collected from a network switch, and produces a comprehensive analysis of the ICS network. The report provides a summary and detailed analysis of the assets and communications discovered on the industrial network, pinpoints vulnerable assets and resolutions, and uncovers network configuration and other “network hygiene” issues that can provide attackers a pathway or impact critical processes.
Summary of Findings:
Claroty’s Security Posture Analysis provides a snapshot with detailed threat and vulnerability information along with risk-prioritized insights and recommended mitigation steps. Using this information, security teams and SOC managers can dramatically reduce their network attack surface eectively helping to strengthen their ICS risk posture.
Asset Discovery & Communication:
The Security Posture Analysis automatically identifies assets across the entire ICS network including assigned IP, nested assets, and assets that communicate over serial connections. Leveraging real-time visibility allows creating a logical map of devices within the network to be utilized for asset inventory and management tasks as well as addressing various regulatory and internal audit requirements.
The Security Posture Analysis provides a detailed report on the various control process devices and how they communicate across the network, including specific visibility on their communication paths and associated devices.
The Security Posture Analysis provides a detailed network posture as well as an overall network hygiene score calculated based on device security levels along with additional vulnerabilities, misconfiguration issues, and other threats.
The report provides a summary and detailed analysis of the assets and communications discovered on the industrial network, pinpointing vulnerable assets and resolutions, and uncovering network configuration and other “network hygiene” issues that can provide attackers a pathway in or impact critical processes.