LLMpediaThe first transparent, open encyclopedia generated by LLMs

Claroty

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Modbus Hop 5
Expansion Funnel Raw 80 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted80
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
Claroty
NameClaroty
TypePrivate
Founded2015
FoundersYoni Shohet, Aviv Grafi, Brian Beckell
HeadquartersNew York City, Israel
IndustryIndustrial control systems, cybersecurity
ProductsSecure Remote Access, Continuous Threat Detection, Asset Inventory
Employees(est.) 500–1000

Claroty Claroty is a cybersecurity company focused on protecting operational technology environments such as industrial control systems, supervisory control and data acquisition networks, and critical infrastructure. The company develops platform-based solutions for asset visibility, threat detection, secure remote access, and risk management for sectors including manufacturing, energy, healthcare, and water supply and sanitation. Claroty competes and collaborates with vendors across the cybersecurity and operational technology ecosystems.

Overview

Claroty provides an integrated platform that combines passive asset discovery, protocol-aware monitoring, vulnerability detection, network segmentation enforcement, and secure bastion access. The platform is designed to interoperate with SaaS management frameworks and security information and event management solutions from vendors like Splunk, IBM, and Microsoft. Claroty's approach emphasizes proprietary protocol parsers, behavioral analytics, and risk scoring that map to standards such as NIST Cybersecurity Framework and IEC 62443. Customers include utilities, hospitals, and manufacturers that operate Siemens and Schneider Electric control systems, alongside legacy devices from vendors such as Rockwell Automation and Honeywell.

History

Founded in 2015 by executives and engineers with backgrounds at firms such as Check Point Software Technologies and Imperva, Claroty expanded rapidly during a period of heightened attention to industrial cyber threats following incidents like the Stuxnet operation and the 2015 Ukraine power grid cyberattack. Early investment rounds involved venture firms associated with Sequoia Capital-style growth and later strategic investors from NTT and Temasek-adjacent networks. The company grew through product development, hiring from Palo Alto Networks and Cisco Systems, and by acquiring or integrating technologies comparable to acquisitions made by FireEye and Carbon Black in the cybersecurity consolidation trend. Claroty opened offices in North America, Europe, and Israel to support multinational customers and comply with regional regulations such as those influenced by European Commission directives and NIS Directive implementations.

Products and Technology

Claroty's product suite centers on modules for asset discovery, threat detection, remote access, and vulnerability management. The platform uses deep packet inspection tailored to industrial protocols like Modbus, DNP3, OPC UA, and proprietary stacks found in GE Digital and ABB equipment. Its secure remote access offering provides bastion capabilities similar to products from Delinea and BeyondTrust, while its detection engines employ anomaly detection approaches akin to research produced at MIT Lincoln Laboratory and academic centers like Carnegie Mellon University. The company produces dashboards and APIs to integrate with orchestration tools from ServiceNow and incident response workflows used by teams trained with curricula from SANS Institute and (ISC)².

Industry Applications

Claroty's deployments span sectors with critical operational technology needs. In healthcare, the platform secures medical device networks and clinical systems alongside vendors such as Philips and GE Healthcare. In energy, utilities use Claroty to protect distribution and transmission assets that incorporate Siemens Energy and ABB components. In manufacturing, Claroty addresses risks in facilities running Rockwell and Mitsubishi Electric programmable logic controllers. Other customers include companies in oil and gas with facilities using Schlumberger and Baker Hughes equipment, as well as transportation operators integrating systems from Alstom and Bombardier.

Corporate Structure and Funding

Claroty has remained privately held with multiple funding rounds led by global investors and strategic partners, mirroring investment patterns seen with firms supported by BlackRock and KKR in enterprise technology. Leadership has included executives with prior roles at Check Point, Imperva, and McKinsey & Company. The board and investor roster have featured representatives from institutional investors and corporate strategic backers similar to partnerships between Cisco Investments and growth-stage cybersecurity vendors. Headquartered in New York City with major development centers in Israel and operations in London and Singapore, Claroty aligns corporate governance with compliance regimes influenced by SEC-filings practices for private companies and international data-protection frameworks like GDPR.

Security Research and Partnerships

Claroty maintains a research practice that publishes technical analyses of vulnerabilities affecting industrial devices and collaborates with academic and industry bodies including CISA, ENISA, and university labs at MIT and Tel Aviv University. The company partners with industrial technology vendors such as Siemens and Schneider Electric on interoperability and coordinated disclosure programs, similar to cooperative frameworks used by Microsoft and Google Project Zero. Claroty also participates in standards discussions at organizations like IEC and ISO addressing IEC 62443 adoption and industrial cybersecurity best practices.

Controversies and Incidents

As an industrial cybersecurity vendor, Claroty has navigated debates over passive monitoring versus active scanning, disclosure timelines, and integration with legacy control systems—issues that have also affected vendors such as Tenable and Rapid7. Past public discussions involved coordination with government agencies following high-profile incidents like the Colonial Pipeline cyberattack and broader supply-chain concerns raised after events involving SolarWinds. Claroty’s research disclosures and product advisories have occasionally prompted scrutiny from operators of critical infrastructure and vendors whose devices were identified as vulnerable, mirroring industry-wide tensions between security researchers and equipment manufacturers.

Category:Cybersecurity companies Category:Industrial control systems Category:Information technology companies of the United States