Claroty's AI library decodes industrial devices

For decades, the machinery powering critical infrastructure has suffered from a silent 'identity crisis.' Unlike IT assets, operational technology (OT) security teams struggle to identify exactly what's running on their plant floors, with a staggering 88% of Cyber-Physical Systems (CPS) lacking precise product codes. This lack of a clear digital identity makes managing vulnerabilities a manual, error-prone process. To combat this, Claroty has unveiled its AI-powered CPS library, a system designed to act as a 'universal translator' for industrial and healthcare hardware. This initiative, detailed on the Databricks blog, aims to resolve device identities by consolidating noisy real-world data into a single source of truth.

Visual TL;DR. Industrial Device Identity Crisis leads to Manual Vulnerability Management. Industrial Device Identity Crisis leads to Claroty's AI Library. Claroty's AI Library uses Databricks Data Intelligence. Databricks Data Intelligence enables Consolidating Noisy Data. Consolidating Noisy Data leads to Improved Security Accuracy. Claroty's AI Library achieves Improved Security Accuracy.

Industrial Device Identity Crisis: 88% of Cyber-Physical Systems lack precise product codes
Manual Vulnerability Management: error-prone process due to lack of clear digital identity
Claroty's AI Library: universal translator for industrial and healthcare hardware
Databricks Data Intelligence: powers the AI library with custom agents
Consolidating Noisy Data: combines matching algorithms with generative AI
Improved Security Accuracy: resolves device identities into a single source of truth
Definitive CPS Solution: partnership through Databricks GenAI MVP program

Visual TL;DRQuickExplainDeeper

The system tackles a complex entity resolution challenge by combining classic matching algorithms with the power of generative AI. Claroty partnered with Databricks through their GenAI MVP program to build this definitive solution.

Decoding the Factory Floor

Imagine a factory floor scenario where a device reports an obscure internal code. A human or a basic tool might struggle to identify it and its associated risks. The AI-powered CPS library automates this detective work, instantly recognizing the code, linking it to its commercial name, identifying specific parts and firmware versions, and attaching correct vulnerability data in milliseconds.

This library is more than a database; it's a multi-agent AI system enabling 'last-mile' remediation by reconciling messy network data into a single source of truth.

Related startups

Key breakthroughs include deterministic traceability, even with minimal device data, and improved vulnerability attribution accuracy by 25% through identification of specific sub-components and firmware. Early tests show 56% of analyzed devices receiving new security recommendations for previously invisible outdated firmware.

Under the Hood: Databricks Data Intelligence Engine

Claroty leverages the Databricks Data Intelligence Platform to manage over 17 million assets. A Lakehouse architecture unifies diverse datasets, from proprietary OT protocols to vendor manuals, into a single, scalable environment.

This foundation provides the high-performance compute for complex statistical inference models, ensuring each CPS-ID is backed by rigorous data integrity.

Data Engineering at Scale: The Medallion Pipeline

A robust Medallion Architecture on Delta Lake, governed by Unity Catalog, powers this ecosystem. Raw JSON payloads enter the Bronze layer, then a promotion pipeline uses Delta Change Data Feed (CDF) to transform evidence into a governed, canonical schema.

Delta Lake's schema evolution and time travel capabilities ensure an unbreakable chain of custody for every asset record, providing full auditability.

Multi-Agent Intelligence via Databricks' Custom Agents

Claroty engineered an orchestrated multi-agent system where specialized AI agents collaborate. This hybrid engine combines classic statistical analysis with NLP techniques to extract signals from vendor documentation and web sources. The system is built around NLP Agents that parse complex data, Reasoning Agents that weigh evidence, and a Human-in-the-loop (HITL) feedback mechanism for continuous accuracy gains. This sophisticated approach is enabled by the governed data foundation provided by Databricks Unity Catalog Automates Data Security.

Innovation Through Databricks Capabilities

The platform's capabilities accelerate development from MVP to production. Domain-specific intelligence is achieved via custom endpoints using Databricks Model Serving for precise OT and healthcare nuances.

Advanced RAG systems ingest proprietary documentation, and an Information Extraction agent turns unstructured text into actionable intelligence.

MLflow manages the ML lifecycle, from MVP through deployment, with continuous evaluation using 'LLM as a Judge' and manual sessions.

Observability features in MLflow monitor agent health, track costs, and detect bugs in real-time. Strategic focus is placed on cost-efficiency for Vector Search indices, designing specific architectural patterns for ROI during idle periods.

By fusing classic Entity Resolution methods with advanced AI, Claroty's library offers a deterministic path to understanding and securing the complex world of Cyber-Physical Systems.

© 2026 StartupHub.ai. All rights reserved. Do not enter, scrape, copy, reproduce, or republish this article in whole or in part. Use as input to AI training, fine-tuning, retrieval-augmented generation, or any machine-learning system is prohibited without written license. Substantially-similar derivative works will be pursued to the fullest extent of applicable copyright, database, and computer-misuse laws. See our terms.