Claroty has introduced what it calls an AI-powered CPS library, a system designed to help security teams identify industrial and healthcare devices more precisely when product data is incomplete, inconsistent or missing entirely.
The company says the platform is meant to act like a translator for cyber-physical systems, helping turn fragmented device signals into a single source of truth. In Claroty’s view, that matters because many CPS assets do not report a clean product code, which makes vulnerability tracking far harder than it is in traditional IT environments.
A long-running visibility problem in CPS security
According to Claroty’s Team82 research, 88% of CPS assets do not transmit an exact product code, while 76% use product codes that differ from the vendor’s official records. That gap leaves security teams trying to match device names, firmware clues and vendor references by hand.
Claroty says the new library is meant to automate that work by mapping noisy real-world data to the correct device identity, related components and vulnerability information.
- 88% of CPS assets lack an exact product code
- 76% use product codes that differ from official vendor records
- The company says the library covers 17 million+ industrial and healthcare assets
- In MVP testing, Claroty reports a 25%+ improvement in vulnerability attribution accuracy
- More than 56% of analyzed devices received new security recommendations
How the library is meant to work
Claroty describes the system as a multi-agent AI setup that combines classic entity resolution methods with generative AI and human review. The company says the workflow uses NLP agents, reasoning agents and human-in-the-loop feedback to reconcile conflicting data and improve match quality over time.
In practice, Claroty says the platform can take an internal hardware code from a plant-floor device, connect it to the commercial product name, identify the relevant firmware details and associate the correct vulnerabilities. The company positions this as a way to reduce the manual detective work that often slows industrial security teams.
Built on Databricks infrastructure
Claroty says the project was developed with Databricks through its GenAI MVP program and uses the Databricks Data Intelligence Platform as the underlying data foundation. The company points to a Medallion Architecture on Delta Lake, governed in Unity Catalog, as the backbone for organizing and tracing asset data.
It also says the system uses Databricks Custom Agents, MLflow, Lakeflow Jobs, Lakebase and Databricks Apps as part of the broader stack supporting ingestion, orchestration, evaluation and application delivery.
| Area | Claroty’s description |
|---|---|
| Core challenge | Entity resolution for incomplete CPS device identities |
| Data scale | 17 million+ assets |
| Reported MVP result | 25%+ better vulnerability attribution accuracy |
| Operational impact | 56%+ of analyzed devices received new or updated security recommendations |
Why it matters for industrial and healthcare operators
For OT and healthcare environments, the appeal is straightforward: better asset identity can mean faster vulnerability triage, fewer blind spots and more reliable remediation decisions. Claroty says the system is designed not just to identify devices, but to give teams the context needed to act with more confidence.
The company also says its recent recognition as a Leader in the 2025 Gartner Magic Quadrant for CPS Protection Platforms, with the highest position for Ability to Execute, supports its direction in this area.