SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States
Flux result 94989703 8373 4ba4 ade2 933f6522a0ce
#
Firewalls
#
Network Security
#
IoT Security

Claroty xDome adds orchestration to fix visibility gaps

Tue, 14th Apr 2026
Author image
By Sean Mitchell, Publisher

Claroty has added Visibility Orchestration features to its xDome software service, aimed at organisations managing cyber-physical systems across industry, healthcare, commercial operations and the public sector.

The update is designed to help security and operations teams identify gaps in asset data and address them. At the centre is an automated recommendations tool that assesses each asset's Visibility Score and generates prioritised tasks to improve the quality of information held on devices and systems.

The changes respond to a common problem in cyber-physical systems environments: organisations may have an asset inventory but still lack complete or reliable information about devices connected to operational networks. In practice, that can leave security teams with an incomplete view of risk.

The issue has drawn greater attention as attacks on operational technology and other connected physical environments continue. Claroty's Team82 research unit said it verified more than 200 cyber attacks over a 12-month period in which attackers entered cyber-physical systems environments by scanning for internet-exposed devices and using default credentials and insecure protocols to gain access.

Those attacks involved assets including programmable logic controllers, human-machine interfaces, medical devices and other internet-connected systems. Because these environments often support essential operations, visibility into assets and their condition is a basic requirement for cyber defence.

New functions

Alongside automated visibility recommendations, the update includes a multi-method enrichment feature that combines several collection approaches to build fuller asset profiles. xDome can use Claroty Edge, active queries and endpoint detection and response integrations to improve the level of detail recorded for identified assets.

Another addition is an enhancement to the CPS Library, which uses artificial intelligence to model, categorise and correlate fragmented data on assets and vendors into a single record. The aim is to improve the accuracy of asset attributes and make inventories more useful for risk assessment and maintenance.

Claroty has also added centralised management for Edge scans. Users can configure, schedule and monitor periodic scans for multiple hosts across a site from within xDome, with audit logging and version tracking included.

A further change is more flexible deployment for Edge, allowing customers to use existing infrastructure instead of installing additional hosts, hardware or network configurations. xDome also now offers in-app orchestration for integrations, enabling users to trigger and configure EDR, cloud and Simple Network Management Protocol integrations from the recommendations page.

Visibility gaps

The broader challenge for operators of cyber-physical systems is not simply finding assets, but understanding them in enough detail to support action. A basic inventory may show that a device exists, but not whether it is exposed, outdated, using insecure settings or missing key contextual data.

That matters in sectors where connected assets control or support physical processes. Manufacturers, healthcare providers, utilities and public sector operators all depend on systems that are difficult to secure if teams do not know what is on the network, how it is configured or how critical it is to operations.

Industry analysts have increasingly pointed to this issue as boards and senior executives seek clearer oversight of operational technology and connected environments. As cyber-physical systems become more central to revenue generation and service delivery, security teams are under pressure to show not just asset counts, but the quality and usefulness of the data behind them.

Claroty said the new functions are intended to bridge the gap between asset visibility and practical risk reduction. Rather than treating visibility as a static inventory exercise, the company is positioning it as an ongoing process of identifying missing information and guiding teams towards remediation.

"Attaining meaningful visibility is the foundation of building a CPS security posture, however organisations still struggle with translating it into impact that advances business goals," said Gil Gur Arie, Chief Product Officer at Claroty.

"With high-quality, AI-enriched data that's turned into clear, prioritised actions that security and operations teams can confidently execute, Claroty xDome helps teams move beyond simple measurement to active orchestration. We provide a granular roadmap for how to fix their visibility gaps, ultimately saving them hundreds of hours in manual analysis," Arie said.

Related stories
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding
Cyber insurance now common among North American SMBs
CIQ launches Linux compliance platform ahead of deadlines
Emerson & OPSWAT strike global reseller deal for OT patching

Top stories

Team Cymru launches Total Insights Feeds for threat data
FIRST conference highlights AI & CVE disclosure push
Protegrity launches AI Team Edition for secure inferencing
Autonomize launches healthcare AI platform version 3
CERN joins OpenSearch foundation as associate member