Provides good asset management, but alert investigation should be improved
What is our primary use case?
We use the solution to monitor the integrity and security level of events from the manufacturing flows in the OT or ICS environment. The main thing is to enhance the asset registry. Claroty has some capabilities, such as four types of asset collection modules that will enhance your asset registry or asset management.
The OT or ICS environment has control logic and air-gapped networks. People cannot collect information directly from each asset. The solution has some collection modules so that no one needs to collect the information in person. Using that collection method, we can directly give instructions to the network, and it will collect and pass the information into the dashboard.
What is most valuable?
The solution's asset management is really great compared to Dragos or Nozomi. The solution's technical support is also really good.
What needs improvement?
Currently, we are facing some issues on the manufacturing floor. Claroty Platform collects the latest information, but instead of incorporating it into the right asset, it creates new assets in the asset inventory. For example, it has used a different IP address for the same asset through the DHCP server. Instead of merging those two assets into a single one, Claroty Platform creates a duplicate.
There are some misconceptions about alert description areas. The tool does not properly throw the right description for the relevant alerts. If it's a denial of service, it shows some other improper description there. The solution also shows some improper activity information in the dashboard.
We face issues in the alert investigation area because it does not properly give the alert communication patterns. I don't know whether the problem is with the network segmentation or with Claroty. I feel Claroty should take some more steps to improve it.
The tool also has the capability to give the PCAP for every alert. However, it does not give proper information in the PCAP file for a few PCAPs, such as a host scan or port scan. When I used to search in Wireshark or Tshark, it did not properly give a whole conversation between the source and the destination.
For how long have I used the solution?
I have been using Claroty Platform for one year and seven months.
What do I think about the stability of the solution?
The solution's 4.9.1 version is really good, and we didn't encounter any bugs. However, it's all about network segmentation and how manufacturing follows the asset registry. If they do not properly perform network segmentation, Claroty cannot provide robust information in the dashboard.
What do I think about the scalability of the solution?
Around seven to eight people are using the solution in our organization.
How are customer service and support?
We have contacted the solution's support team multiple times for many issues with bugs in previous versions. Sometimes, when we try to download some of the latest vulnerabilities or insights from Claroty, we get a 500 internal error. The support team rectified this and solved it in the latest update.
I rate the technical support seven and a half out of ten.
Which solution did I use previously and why did I switch?
We previously used Armis. We switched to Claroty Platform because Armis does not have asset management capabilities like Claroty.
What other advice do I have?
We have hosted the solution on VMware. Previously, we used the on-premise machine from Claroty, but we changed it to a virtual machine due to some resource constraints.
The solution has a lot of issues regarding the alert investigations. Recently, it pushed its latest update to 5.0.1, and they have totally moved to the Ubuntu OS. Claroty claims it has rectified several issues and provided solutions for those in that latest version.
I would recommend the solution to other users. However, Claroty is not good for a power grid environment. It is easy for a beginner to learn to use Claroty Platform for the first time. I started working on the solution after I finished college. It was new for me, but I slowly learned it, and now I am in an admin position.
Overall, I rate the solution seven and a half out of ten.
A must-have for network security
What do you like best about the product?
Claroty excels at providing great visibility and excellent security for industrial networks. It covers almost every sector (healthcare, technology, industry, etc.). Integration is easy, and the infrastructure makes deployment easier.
The user interface is very user-friendly and easy to understand.
What do you dislike about the product?
Although integration is easy, the complexity of the initial configuration could be a challenge.
In addition, it offers many features, so getting it operational could require some expertise.
The help documentation could be more detailed.
What problems is the product solving, and how is that benefiting you?
The main problem it solves is that of security challenges. The other benefit is that it secures industrial control systems.
It certainly reduces the risk of cyberattacks and improves security. It also helps us identify vulnerabilities.
Provides good vulnerability management capabilities
What is our primary use case?
We use the solution in our company to monitor and manage all the ODE assets of all our plants, mainly in the United States. We're also implementing Claroty Platform in our Mexico plant.
What is most valuable?
The solution's most valuable feature is the map, which shows everything that is connected and communicates with each other. The solution's vulnerability management capabilities are good enough. It always tells us about vulnerabilities in real time so that we can take the next steps and fix everything.
For how long have I used the solution?
I have been working with Claroty Platform for one and a half years as a user. I also used to be a presales engineer and sold the solution for around five years. So, I have a total of six and a half years of experience with Claroty Platform.
What do I think about the stability of the solution?
We’ve never had any issues with the solution’s stability.
What do I think about the scalability of the solution?
Scaling the solution is easy enough and not difficult. We have about ten people managing the solution at each site. A global security operation center manages the main solution, and around 30 to 40 people work with it.
I rate the solution’s scalability a nine out of ten.
How are customer service and support?
The solution's technical support is awesome. There's always someone who can help you with anything.
Which solution did I use previously and why did I switch?
I also use other tools like Nozomi, Tripwire, and Cyber Vision.
What other advice do I have?
We've always had a good experience using the solution. With Claroty Platform, we can reach everything and see everything. It also helps us review any vulnerabilities. During the CrowdStrike issue a week and a half ago, Claroty Platform helped us with the PCs that went down. So, it's a very good tool.
Claroty Platform is a very easy tool. It was very easy to use the first time I looked at the tool as a pre-sales engineer. Then, I had a couple of training sessions. We had a new version of the solution a couple of months ago, and it's still very easy to use. I think everyone can use it. The tool may not be easy for some people, but it can be done with training.
It's easy to integrate Claroty Platform with the rest of our tools. The solution is worth the money. I would recommend Claroty Platform to other users because it's a very good monitoring tool. It's the best and most powerful monitoring tool in the market.
Overall, I rate the solution ten out of ten.
A good platform for increased business in network solutions but has high pricing
What is our primary use case?
The main customers want visibility on their security devices. The first target is to implement the solution to give any panelist access to our and the customer's infrastructure.
How has it helped my organization?
Claroty is a good platform for increased business in network solutions.
What needs improvement?
Pricing could be improved.
For how long have I used the solution?
I have been using Claroty Platform for two years.
What do I think about the stability of the solution?
The product is stable.
I rate the solution’s stability an eight out of ten.
What do I think about the scalability of the solution?
One person is using this solution. We develop and install the product at the customer's site. Four people work with the solution.
How was the initial setup?
The initial setup is very easy and takes two hours to complete. We are a group of five people deploying it.
What's my experience with pricing, setup cost, and licensing?
I rate the product’s pricing a six out of ten, where one is cheap, and ten is expensive.
What other advice do I have?
I'm doing the maintenance. I recommend the solution.
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Perfect solution!
What do you like best about the product?
Asset discovery: Claroty is known for its ability to discover assets, show data flows, and detect potential breaches.
OT vendor support: Claroty benefits from significant support from operational technology (OT) vendors.
Integration with third-party vendors: Users appreciated Claroty's ability to integrate with third-party vendors.
OT environment visibility: Users reported gaining great visibility into their OT environment.
What do you dislike about the product?
Significant tuning required: Users reported that significant tuning is required to deploy Claroty.
Software bugs: Some users reported encountering software bugs, which can make incident management cumbersome.
What problems is the product solving, and how is that benefiting you?
Asset discovery and management: Claroty provides in-depth visibility into your OT network, identifying all assets, their configurations, and their communication patterns. This can help you manage and secure your OT environment effectively.
Threat detection: Claroty uses advanced algorithms to detect anomalies and potential threats in your OT network. It can identify suspicious activity, policy violations, and potential vulnerabilities, allowing you to take timely action.
Incident response: In the event of a security incident, Claroty provides detailed information about the threat, helping your security team respond effectively. It can also integrate with existing incident response tools to streamline the process.
Risk management: By providing a clear view of your OT network and its vulnerabilities, Claroty helps you manage and mitigate risk. It can help prioritize risk mitigation efforts based on asset criticality and vulnerability severity.
Compliance: Claroty can help ensure compliance with various industry regulations and standards related to cybersecurity. It provides the documentation and reports needed for audit purposes.
Provides asset inventory and vulnerability management but has an outdated UI
What is our primary use case?
We use it for asset inventory, vulnerability management for our OT devices, and network monitoring for our factories.
What is most valuable?
Claroty provides continuous threat protection and identifies pre-empty stuff and false positives. So far, we haven't had any intrusions. However, we have used the solution to mitigate this.
What needs improvement?
First, the graphical user interface is quite poor. It's 2024, and we still have to export data to Excel to make use of it. The solution could have a better graphical or user interface.
Second, their active queries need substantial improvement. The current system lacks efficiency and the ability to communicate with and gather information from multiple systems.
Third, the reporting capabilities for vulnerability management require significant enhancement. Better reporting tools and improved ways to create reports are essential for usability. The current method of report creation does not align with how we need to use the tool.
The tool cannot exclude a specific factory line from the sensors while implementing new work to avoid false positives. After the implementation, I would like to return that line to training mode to learn any new configurations or changes. This would allow the system to create a new baseline for those assets. However, that functionality is not available right now.
For how long have I used the solution?
I have been using Claroty Platform for two years. We are using V5.0 of the solution.
What do I think about the stability of the solution?
I rate its stability an eight out of ten.
What do I think about the scalability of the solution?
We have deployed over 270 sensors. 60 people are working on this solution.
I rate its scalability a seven out of ten.
How are customer service and support?
Since we were still in the deployment stage, it wasn't crucial from an operational point of view, but we had stability issues with the CTDs going down and similar problems. However, Claroty support addressed these issues quite well.
How was the initial setup?
Deploying thirty-plus sites takes around five months. Eight people were involved in networking and other tasks.
I rate the setup process as three without training, but with training and some help from Claroty or any integrator, I rate it as seven or eight out of ten.
What about the implementation team?
Our main challenge was that the integrator was not on par. It was more about the difficulty of doing it on your own. If you get help from an integrator or Claroty, it can be much smoother. For example, in our case, I worked with a Claroty engineer to onboard one of our sites. Afterward, I created all the necessary materials, SOPs, and documentation for our engineers to handle the rest of the sites in-house.
What was our ROI?
I have implemented preemptive mitigations for various issues, such as open SMB version one port in our network, which was identified using the Claroty Platform. I then proceeded to close these vulnerabilities and other similar issues.
What other advice do I have?
For maintenance, two or three people were required.
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Useful for active coding, deep inspection of packages, and data retrieval
What is most valuable?
I appreciate the active coding, deep inspection of packages, and data retrieval. The tool covers information about assets and attack vectors, which I find superior to other tools. Based on alerts, I create reports detailing how an attacker can penetrate the plant, both externally and internally.
Initially, I felt the Claroty Platform wasn't up to the mark for vulnerability management, but recent upgrades have been very helpful. The new features provide more detailed information, including CVE numbers and thorough explanations, such as for MS17-010 (WannaCry). This level of detail meets my expectations and allows me to determine how much of the plant's assets and devices would be compromised if a vulnerability is exploited. This information is crucial for reporting to the CISO.
What needs improvement?
I've reported four bugs and three feature requests so far. The main area of focus should be on how attacks are detected. The attack vector information needs to be more detailed. For example, it's not enough to state that an SMB v1 version open can lead to a WannaCry attack. A more detailed explanation should help clients understand the various ways an attack could occur.
What do I think about the stability of the solution?
When I was configuring the VM, I encountered a few issues. Resolving them took me three to four days, and I had assistance from the support team about six to eight months ago. I rate its stability as five out of ten.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
The support team is often slow. When there's a feature request, they usually say it's in the pipeline, but sometimes it takes two to three months without any response. It would be better if they had an SLA, providing updates within a week so that we can inform the client about the progress and expected resolution time.
What's my experience with pricing, setup cost, and licensing?
The licensing for physical devices is cheap, but the software version is expensive. The software version costs around 26-28 dollars. I was surprised and even double-checked. It was shocking.
What other advice do I have?
I highly recommend Claroty Platform to all my clients, making it my first priority due to my close work with it and my familiarity with troubleshooting. I rate it a ten out of ten.
Custom rules that help reduce noise and ensure we receive meaningful alerts and events
What is our primary use case?
We use it for asset management, threat detection, and vulnerability management.
How has it helped my organization?
Since industrial systems prioritize availability and we can't actively scan or query the network, Claroty helps us passively monitor the OT network.
It provides an inventory, alerts us to the latest threats through cloud-integrated threat intelligence, and offers a detailed detection mechanism.
Additionally, it identifies vulnerabilities that we can then address with the industrial teams.
What is most valuable?
Threat detection and vulnerability management are the most valuable features. There are also custom rules that help reduce noise and ensure we receive meaningful alerts and events.
The vulnerability management capabilities that helped mitigate potential threats have been very helpful. Claroty identifies all vulnerabilities available in our environment, and while the tool provides the information, a skilled team is needed to manage and address these vulnerabilities effectively. It can also be integrated with third-party vulnerability management tools for a unified view, where all the vulnerabilities can be displayed and prioritized based on asset criticality.
It is easy to integrate Claroty into our existing system.
What needs improvement?
There are a few protocols that Claroty doesn't currently support.
For how long have I used the solution?
I have been using it for five years.
What do I think about the stability of the solution?
I don't face stability issues often, but there have been a few issues during upgrades that Claroty's support team has addressed.
What do I think about the scalability of the solution?
It's all right in terms of scalability. I would rate the scalability an eight out of ten.
How are customer service and support?
The customer service and support are really good and helpful, both in terms of response time and knowledge.
Which solution did I use previously and why did I switch?
I've worked with Tenable OT, Defender for IoT, and Nozomi Networks, as I've been in this field for seven to eight years.
What's my experience with pricing, setup cost, and licensing?
It's a bit expensive compared to other solutions.
What other advice do I have?
Overall, I would rate it a nine out of ten. Claroty is a good tool for anyone wanting to get started with understanding their OT network risk posture. It provides valuable insights into vulnerabilities without disrupting the network.
I would recommend it to others.
Good for asset discovery and secure remote connection
What is our primary use case?
It's a very good solution for what it promises.
How has it helped my organization?
The main improvement has been in continuous threat detection. So far, it's been a good experience with network monitoring capabilities.
What is most valuable?
It's mostly utilized for asset discovery and secure remote connection.
The main advantage of Claroty, when compared to its competitors, is integrated secure remote access.
The knowledge of the threat landscape is pretty good. That's the only area that customers are concerned with once a solution is implemented. So, Claroty has a good team and a good way to update its installed base.
What needs improvement?
Claroty Platform could improve the pricing to get more acceptability in the market.
For how long have I used the solution?
I have been using it for less than a year.
How are customer service and support?
We haven't had a lot of need for support yet, but so far, it's been good.
Which solution did I use previously and why did I switch?
Claroty has certain benefits, especially in integrated secure remote access, but for general applications, Nozomi could be a good alternative.
What was our ROI?
It's more of an insurance against vulnerabilities and threats.
What's my experience with pricing, setup cost, and licensing?
It's quite expensive compared to other options.
What other advice do I have?
Overall, I would rate the product a seven out of ten. It is very good.
Provides good visibility of the devices in a user's environment
What is our primary use case?
Our company has designed a project with Claroty Platform being used for the cybersecurity audit. Suppose our company needs to collect information about the systems in Indian Oil, HPCL, or other oil refineries. In that case, we collect the data and gather the information to look at the vulnerabilities, see how the firmware and networks look, and look at the protocols used in a particular environment. Our company gathers the aforementioned type of information with the help of Claroty Platform.
What is most valuable?
The most valuable feature of the solution stems from its visibility section since, within a very short amount of time, the tool provides visibility for users to see the devices that are connected to the systems in an environment and to see how the communication is going on while keeping a tab over other areas like alerts and insights, which can be useful for the system.
What needs improvement?
The product fulfills our company's needs. Currently, Claroty Platform focuses on industrial control systems and OT. If Claroty Platform expands to the IT network side, it will benefit Claroty and those who want the tool for their IT network part.
Information related to zero-day attacks, which are difficult to detect in a system, is an area of concern that needs to be improved over time by the Claroty Platform. Sometimes, the weaknesses in certain systems cannot be captured by Claroty Platform because it lacks knowledge about zero-day attacks.
The product's integration capabilities are an area of concern where improvements are required.
For how long have I used the solution?
I have been using Claroty Platform for two to three years. My company is in partnership with Claroty Platform.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a seven out of ten.
With the Claroty Platform in place, at times, my company is not able to connect some of the data with some other systems, which don't actively communicate with another system. Claroty Platform can't detect systems that don't actively communicate with other systems, so we have to use active queries. However, in passive detection, one can't detect systems. There needs to be some improvements in the product.
What do I think about the scalability of the solution?
When it comes to scalability, the tool performs well in some areas, while it doesn't perform well enough in certain other areas. Scalability-wise, I rate the solution an eight out of ten.
How are customer service and support?
As my company has a partnership with Claroty Platform, the seniors in my organization communicate with Claroty's support team if required.
How was the initial setup?
The data is private, and we have to keep it on our company's server, so the solution is deployed on an on-premises model.
The solution is deployed for one day in our company within three to four hours to get the data and create a report consisting of the details of the vulnerabilities and what needs to be improved in the systems. In short, my company has not implemented the product on a timely basis. It is generally implemented for a day, together with the data, to analyze the data and for another communication part.
Which other solutions did I evaluate?
Tenable has also been expanding its OT security technology, so we can't compare Claroty Platform with it to decide on which would be the best tool for our company.
What other advice do I have?
In terms of the product's ability to enhance cybersecurity in our company, I would say that I have three technical certificates of Claroty, including technical support and Claroty implementation certificates. Claroty Platform provides courses through its partner portal, from which others can learn about the tool and its implementation process.
The product helps mitigate potential threats, especially if its users have signature rules. The product also provides alerts.
My company is able to integrate the Claroty Platform with another product to get data from it. Claroty Platform's integration capabilities have some limitations since it can only be integrated with a limited number of systems. A tool like Tenable offers good integration and can be integrated with many external products, like SIEM, SOAR, or firewall products.
I recommend the product to those who plan to use it. My company also suggests our customers deploy the Claroty Platform.
Claroty Platform is a product that focuses on industrial control systems, and if people want to save their company's OT systems and cater to the needs related to the security area, then they can use the product.
I rate the overall tool an eight out of ten.
Which deployment model are you using for this solution?
On-premises