Claroty builds security platforms for cyber-physical systems across the Extended Internet of Things (XIoT) - operational technology in factories and power plants, connected medical devices in hospitals, and enterprise IoT sprawling through commercial buildings. The company's core thesis: traditional IT security tools weren't built for the protocol diversity, legacy hardware, and uptime requirements of industrial control systems, healthcare networks, and building automation. Their platform attempts to solve visibility, threat detection, and vulnerability management across environments where a patch cycle can't just reboot a production line or a patient monitoring system.
The technical approach centers on deep protocol coverage and AI-driven analytics designed to spot both known signatures and behavioral anomalies in OT and IoT traffic. Claroty's platform is positioned for IT/OT convergence scenarios - where corporate networks increasingly touch manufacturing floors, utility grids, and clinical environments - creating new attack surfaces that legacy tools struggle to monitor. The company claims to deliver asset discovery, continuous monitoring, and threat detection across industrial, healthcare, public sector, and commercial deployments, with particular focus on manufacturing, energy, healthcare delivery, and government operations.
Led by CEO Yaniv Vardi and headquartered in the US, Claroty operates in a threat landscape where ransomware targeting hospitals and nation-state intrusions into critical infrastructure have made XIoT security a boardroom issue. The company's go-to-market emphasizes purpose-built solutions rather than retrofitting enterprise tools, banking on the idea that protecting a dialysis machine or a SCADA controller requires fundamentally different instrumentation than securing a laptop. The platform architecture attempts to address the reality that many cyber-physical assets can't run agents, can't tolerate latency, and weren't designed with security logging in mind.