Claroty announces upgraded on-prem security capabilities for the public sector

    June 19, 2025
    The company's threat detection platform has been upgraded with exposure management and FISMA support via STIG-hardened configuration management controls and FIPS compliance.
    Related To:
    68545cef1d55b4632f8857bd Aaf9547b031338a8569c97e0ef9264b7

    Claroty recently announced new investments in the U.S. public sector to enhance protection of OT, IoT, IoMT, and facility-related control systems (FRCS)/building management systems (BMS).

    The company is now offering enhanced exposure management and Federal Information Security Modernization Act (FISMA) support with Security Technical Implementation Guide (STIG)-hardened configuration management controls within Claroty Continuous Threat Detection (CTD). These new capabilities will enable greater efficiency and operational improvements across U.S. federal departments and agencies, state, local, and education (SLED), and the defense industrial base when protecting increasingly vulnerable CPS assets.

    With new exposure management capabilities, Claroty CTD gives U.S. public sector agencies securing these vital operations the ability to swiftly prioritize and remediate exposure based on exploitability. Security teams will be able to contextualize and prioritize remediation for the most critical vulnerabilities with enrichment from CISA's Known Exploited Vulnerabilities (KEV) catalog.

    This, combined with the existing support for the Exploit Prediction Scoring System (EPSS), enables automated vulnerability "priority group assignments," a more sophisticated method of categorizing and ranking vulnerabilities and their associated assets based on a comprehensive risk assessment for network-wide exposures. The ability to prioritize assets and critical vulnerabilities to remediate threats also comes with the portability of flyaway kits to expedite the process, regardless of resource constraints.

    Additionally, Claroty has also enhanced CTD's operating system (ClarotyOS) for STIG-hardened configuration management controls (CM-2). These controls, in addition to other enhancements, support U.S. federal government FISMA and Department of Defense Risk Management Framework (DoD RMF) requirements for federal agencies. Compliance with these controls enables organizations to satisfy NIST 800-53 Rev5 requirements by securely configuring their technology solutions to protect against potential threats.

    Claroty has also made updates to CTD that further ease organizations' ability to meet compliance requirements, including:

    • FIPS-140-2 / FIPS-140-3: ClarotyOS capabilities achieve a FIPS-140-2/3 compliant outcome, both for data in-transit (SC-8 / SC-13), and at-rest (SC-28) at deployment.

    • NIST SP 800-53, FISMA, ISA/IEC-62443: Related to NIST SP 800-53 and FISMA, users can add time-based one-time passwords (TOTP) for multi-factor authentication as well as ISA/IEC-62443 compliance reporting to confirm the environment, network, or site satisfies IEC standards. The reporting provides critical insights that help assess and analyze the organization's compliance status, simplifying the evaluation process to focus on the key compliance gaps.

    "Government agencies are fighting an uphill battle right now, facing greater threats with fewer resources," said Jen Sovada, General Manager, Public Sector at Claroty. "They need technology that comprehensively addresses current and emerging cybersecurity threats so they don't sacrifice efficacy for efficiency. Claroty continues to develop CTD to meet the specific needs of those working to secure our nation's critical operations—from understanding exposure, remediating vulnerabilities, and enabling compliance."

    Enhancements to Claroty's on-premise CTD offering come as the company continues its pursuit towards achieving FedRAMP High authorization for its SaaS offering, Claroty xDome.