There is a huge difference between an agent that breaks a spreadsheet and an agent that breaks a factory.
That is why Claroty’s Claire launch is worth paying attention to.
Claroty announced Claire on May 28 as a cyber-physical-systems-native AI security agent. The product is aimed at environments where software touches real machinery: industrial sites, healthcare systems, commercial infrastructure, public-sector assets, and the strange operational layer where uptime is not a nice-to-have because downtime can become physical risk.
The press release has the usual vendor shine, but the category signal is real.
AI agents are leaving the browser.
Cyber-physical security is not normal IT
In a normal SaaS environment, you can often move fast, patch fast, roll back, and accept some temporary mess.
Industrial and healthcare environments are different. A device may be old because it is certified, validated, expensive, connected to a real process, or impossible to reboot during operations. A technically correct security recommendation can still be operationally stupid if it ignores safety, uptime, vendor constraints, or the way a plant actually runs.
That is the gap Claroty is trying to occupy.
Claire is described as being trained on Claroty’s cyber-physical systems data and domain expertise, including information across thousands of OEMs and medical device manufacturers. The promised workflows are exposure prioritization, remediation orchestration, operational-resilience support, and compliance mapping.
In plain English: do not just say “patch this.” Understand what this asset is, where it sits, what it talks to, whether it can be patched, what breaks if it goes down, and which fix is actually sane.
That is the agent layer enterprises will pay for.
The important word is deterministic
The dangerous version of this future is obvious.
An agent sees a vulnerability, generates a confident plan, and recommends a change that makes the dashboard greener while making the physical system more fragile. That is not science fiction. That is exactly what happens when generic automation meets domain reality.
The better version is narrower.
Use AI to gather context, summarize messy asset data, map risk to real operations, and propose actions that humans can approve with better information. Keep the actual control path constrained. Make actions auditable. Make remediation playbooks explicit. Treat the model as an assistant to operational judgment, not a magic operator for mission-critical systems.
Claroty’s own framing leans on that distinction: speed is useful, but accuracy and operational integrity are the point.
Good.
Agents are becoming vertical
This is the bigger story.
The first agent wave was horizontal. Browse the web, write code, answer emails, fill forms, move between tools.
The next wave is vertical. Legal agents that know legal workflows. Finance agents that understand filings. Coding agents that understand repositories. Security agents that understand industrial devices and hospital networks.
That is where generic intelligence becomes useful software.
But it also raises the bar. A vertical agent is not allowed to be charmingly wrong. In physical infrastructure, “mostly right” can be a liability.
The winning systems will combine model intelligence with domain data, hard permissions, deterministic controls, audit trails, and a human who still owns the decision.
The agent can help.
The plant, hospital, or grid still needs grown-up engineering.
Source: Claroty