The security company for cyber-physical systems (CPS) across industrial, healthcare and commercial environments has launched Claroty xDome, a new cloud-based industrial cybersecurity platform.

The company says Claroty xDome is the industry's first solution to deliver the ease and scalability of SaaS without compromising on the breadth or depth of visibility, protection, and monitoring controls. Claroty says those are integral to the entire CPS security journey, especially amid the rapid expansion of CPS across the Extended Internet of Things (XIoT).

According to Gartner, over time, the technologies that underpin critical infrastructure have become more digitised and connected to enterprise IT systems or each other creating cyber-physical systems.

CPS comprise of legacy infrastructure (deployed years ago without built-in security) and new assets, which are also deployed full of vulnerabilities. This has resulted in a substantial increase in the attack surface for hackers and bad actors, and the CPS that underpin most of this critical infrastructure are under increasing attack.

Gartner predicts that by 2024, 80% of critical infrastructure organisations will abandon their existing siloed security solutions providers to bridge cyber-physical and IT risks by adopting hyper-converged solutions.

Claroty says xDome addresses this need by supporting the full CPS security journey for every organisation regardless of the types of cyber-physical systems that underpin their operations, their current maturity phase, or their network architecture. This includes:

The broadest and deepest asset discovery capabilities of any SaaS solution 

Claroty says a complete XIoT asset inventory is foundational to CPS security, and attaining it requires combining multiple asset discovery methods tailored to each environment's unique needs. While other SaaS solutions rely solely on passive monitoring, xDome offers this plus other methods, giving customers both effective asset discovery and the ease and scalability of SaaS.

Vulnerability and risk management support backed by award-winning research

Claroty says a key barrier to resilience and vulnerabilities are uniquely prevalent in industrial environments. xDome eliminates this barrier by correlating each asset with findings from Claroty's award-winning research arm Team82 and its database of known flaws, then providing custom risk scoring and remediation guidance so customers can prioritise and mitigate the risks that matter most.

Network segmentation controls that protect against escalating risks

Effective segmentation is integral to minimising exposure to cyber and operational risks, but implementing it can be difficult and even dangerous due to the complexity, fragility, and criticality of CPS. Claroty says xDome tackles this challenge by clearly defining segmentation policies that can be automatically and safely enforced via existing infrastructure.

Detection and response capabilities to combat known and unknown threats

Recognising that no environment is immune to threats, Claroty says xDome equips customers to rapidly pinpoint and remediate attack vectors, identify and respond to early indicators of both known and unknown threats, and integrate these capabilities with existing SOC tools and workflows.

Claroty CEO Yaniv Vardi says while asset discovery is an urgent need, an asset inventory by itself is not a source of value.

"By supplementing asset information with vulnerability and risk management, organisations can pivot to a much more advantageous position: from reacting to cyber threats and incidents that already exist in the network, to proactively preventing them from ever taking hold in the first place," he says.

"Making this shift is critical for achieving cyber and operational resilience, and xDome empowers our customers to do so. An ounce of prevention is worth a pound of cure."