- 24 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Claroty CTD
- Updated on 24 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Claroty CTD (Continuous Threat Detection) is a cybersecurity solution for industrial control systems (ICS) and operational technology (OT) environments. It provides comprehensive visibility into OT networks, advanced threat detection, risk management, and compliance support. For detailed information refer to Claroty CTD’s website.
Integration Method: API
Tables: Detection Finding (2004), Network Activity (4001), Device Inventory Info (5001)
This integration supports the following events.
Event | Description |
---|---|
Assets | List of the Assets |
Alerts | List of Alerts |
Baselines | List of baselines between two assets |
Sessions | List of network session between two assets |
Note:
Claroty CTD doesn’t follow a traditional versioning system. Claroty CTD’s official documentation doesn’t contain any version information.
Prerequisites
The user should have a Username and Password for Claroty CTD instance.
The user should have access to the DataBee console.
Configuration Overview
Get the Username and Password for Claroty CTD.
Add the Claroty CTD data feed in the DataBee console with the below parameters
DataBee Parameter
Claroty CTD Parameter
Username
Username
Password
Password
Claroty CTD Configuration
You will receive your Claroty CTD instance credentials via email when admin gives access to the instance. From there, you will need to obtain your username and password for data feed creation.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for Claroty CTD and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: Token Url Auth
API Base URL: this is the base URL that DataBee will interact with.
Replace the <instance> with your Claroty CTD instance.
Token URL: replace the <instance> with your Claroty CTD instance.
Username: paste the Username.
Password: paste the Password.
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
If you are facing unauthorized (401) error, this might be possibly due to incorrect Credentials. Please refer to the Credentials to get username and password.