Cyber-physical systems protection firm Claroty and machine identity provider Corsha announced a strategic technology integration on May 21, 2026, combining continuous threat detection with dynamic machine identity and access control to deliver zero trust security across U.S. federal operational technology (OT) environments. The partnership targets the expanding attack surface created by OT/IT convergence at defense, intelligence, and civilian agencies managing mission-critical infrastructure.

Background

The integration arrives weeks after CISA, the Department of Energy, the FBI, and the Department of State jointly released "Adapting Zero Trust Principles to Operational Technology" on April 29, 2026-a guidance document addressing identity and access controls, asset visibility, and supply chain risk management for OT systems. That guidance underscored a challenge well documented in federal assessments: standard IT security approaches can be ineffective and potentially dangerous in OT environments because of legacy infrastructure, operational constraints, and safety requirements, according to the joint guide.

The regulatory pressure traces to Executive Order 14028, signed in May 2021, which required federal civilian agencies to establish plans for adopting Zero Trust Architecture. OMB's subsequent M-22-09 memorandum set specific zero trust objectives emphasizing enhanced identity verification, multi-factor authentication, and continuous monitoring. For OT networks, those mandates have historically been difficult to fulfill because machine-to-machine (M2M) communications in industrial control systems rarely carry authenticated identities.

Both vendors bring existing federal credentials to the partnership. Claroty's Continuous Threat Detection (CTD) platform was granted Authority to Operate (ATO) at multiple military missile defense sites and a Facility Related Control System for a classified Intelligence Community facility, according to the companies. Corsha's Machine Identity Provider (mIDP) received ATO at the U.S. Air Force Sustainment Center's Warner Robins Air Logistics Complex, where it connects manufacturing robots to data analytics applications at the shop-floor edge.

Details

The technical integration places Corsha's mIDP directly atop Claroty CTD. The combined platform layers Corsha's continuously authenticated machine identities and dynamic access controls onto CTD's asset visibility and continuous threat monitoring, securing every machine-to-machine connection with automated mitigation, according to the companies. Specific capabilities include identity-based access enforcement for every machine connection, automated blocking of suspicious lateral traffic without manual network re-architecture, and real-time credential validation to contain ransomware propagation.

Anusha Iyer, Founder and CEO of Corsha, attributed the need for the integration to structural complexity in federal networks. "Federal agencies are faced with not just growing threats but also the increased complexity of OT/IT convergence," Iyer said. She added that the joint solution is designed to "reduce exposure, limit lateral movement, and simplify compliance for stronger security across the nation's mission-critical infrastructure."

Jen Sovada, General Manager of Public Sector at Claroty, stated the pairing "helps organizations defend against operational disruption, prevents ransomware and supply chain attacks, and contains vulnerabilities in real time." A 2025 study of federal civilian agencies cited by Claroty found that only 36% of federal agencies have achieved full asset visibility, and more than 60% report gaps in in-house CPS expertise, underscoring the operational gap the integration aims to address.

The Claroty-Corsha deal follows a pattern of Corsha building bilateral integrations with OT security monitoring platforms. In October 2025, Corsha announced a separate integration with Dragos, combining machine identity with Dragos's industrial threat detection to enforce Zero Trust across ICS/OT networks.

Outlook

The joint solution is positioned for procurement through existing federal contract vehicles, with Claroty having recently expanded its public sector distribution via Carahsoft Technology Corp. For OT security teams at defense contractors and critical infrastructure operators, the integration signals a shift in federal procurement expectations: threat detection alone is no longer sufficient, and vendors that cannot demonstrate machine-level identity enforcement aligned with CISA's Zero Trust Maturity Model will face increasing barriers at the ATO stage. CISA's zero trust OT guidance, released April 29, 2026, specifically highlights identity and access controls, supply chain risk management, and the definition of zones and conduits as priority implementation areas for agencies seeking compliance.