This article summarizes what types of asset attributes can be enriched from our connector with Claroty CTD, and the benefits of using that enriched data in policy.
Proof of concept integration with Claroty Continuous Threat Detection is intended to
- Discover devices Claroty is already aware of
- Enrich CCC data for Elisity-discovered devices with attributes from Claroty
Unlike our Medigate and ServiceNow integration there is no dynamic query of CTD when new devices are discovered.
To pull device information from Claroty CTD we use a manually-initiated asset synchronisation. When new devices are discovered in CCC, the ‘Sync Assets’ function much be used to fetch attributes from CTD which will then be merged with other device attributes discovered by Elisity.
Mapping of Claroty CTD data objects to Elisity
Integration with Claroty assumes that device metadata will be populated in CTD before devices are discovered by Elisity.
When new devices are installed it will be necessary to trigger asset sync from CCC.