Claroty & Frenos launch industrial cyber risk tool
Fri, 10th Jul 2026 (Today)
Claroty has partnered with Frenos on an integrated cybersecurity offering for industrial organisations aimed at reducing downtime risk in cyber-physical systems environments.
The partnership combines Claroty's industrial security platform with Frenos' simulated operational technology penetration testing tools. Customers using Claroty's platform can use Frenos' system to test their defensive posture against attack scenarios, assess whether detected vulnerabilities are exploitable and rank remediation work by risk.
The move addresses a longstanding problem in industrial settings, where operators are often reluctant to use active network scanning on live operational technology systems because of the risk of disruption. In sectors such as energy, water and mining, any outage can affect production and safety as well as security.
Rather than probing live networks, the joint approach uses digital twins built from asset intelligence gathered by Claroty. Frenos then uses those models to simulate attacks without touching production systems, allowing security teams to assess exposures without directly affecting operations.
Industrial cybersecurity has become a growing concern as threat actors adopt more automated methods and defenders face pressure to show that remediation work is reducing actual business risk. The partnership is positioned around that issue, with the companies arguing that not every vulnerability presents the same operational danger.
How it works
Under the arrangement, Claroty provides visibility into assets, network communications and device connections across industrial environments. Frenos uses that information to create environment-specific digital twins and model how an attacker might move through a network or exploit a weakness.
The combined setup is intended to help security teams validate segmentation and firewall policies, identify routes to high-value operational technology assets and determine whether a cyber event could disrupt production. That shifts the focus from broad lists of weaknesses to issues that can actually be reached and abused.
Grant Geyer, Chief Strategy Officer at Claroty, described asset intelligence as the starting point for managing risk in cyber-physical systems.
"Asset intelligence is the bedrock of every organisation's CPS risk management program," said Geyer.
He added that combining visibility with exposure testing can improve defensive planning in industrial environments.
"By gaining full visibility into the industrial environment with the ability to stress test their exposures, organisations that leverage Claroty and Frenos are in the best position to protect against operational downtime and to reduce overall risk," said Geyer.
Risk prioritisation
One of the central claims behind the partnership is that security teams need help deciding which issues to tackle first. Industrial operators often face large volumes of alerts and vulnerability findings, but patching or changing systems in operational technology environments can be slow and tightly controlled.
By testing attack paths in a simulated environment, teams can separate theoretical exposures from weaknesses that are more likely to be used by an attacker. That can guide remediation decisions around network segmentation, firewall rules and vulnerability treatment.
Frenos said its platform uses an AI adversary agent called SAIRA to analyse what is reachable in a customer environment and what an attacker could do next. The system is designed to emulate adversarial behaviour inside the digital twin rather than against the live network.
Brian Proctor, Chief Executive Officer at Frenos, said the distinction between visibility and exploitability is what drives action.
"Knowing your assets is the starting point; knowing which exposures an adversary can actually exploit is what drives action," said Proctor.
He said the partnership is intended to give industrial security teams a clearer route to remediation.
"By building environment-specific digital twins from Claroty's deep asset intelligence, our AI adversary agent shows teams exactly which vulnerabilities are reachable, what an attacker could do with them, and where to remediate first. Together, Claroty and Frenos give industrial organisations the confidence to move from reactive defence to proactive risk reduction," said Proctor.
The partnership reflects a broader push in the industrial security market towards tools that measure operational impact, not just technical exposure. For operators running critical systems, that distinction can shape how limited engineering and security resources are allocated across plants, substations, treatment facilities and mine sites.
The integrated offering is designed to provide continuous validation of security controls and a clearer picture of which cyber weaknesses could translate into downtime.