Dragos updates its asset identification, threat detection, and response platform
Dragos released version 1.4 of its Dragos Platform, industrial cybersecurity software that codifies threat analytics to provide operational technology (OT) and information technology (IT) practitioners visibility of ICS assets and prescriptive procedures to respond to adversaries.
The latest release of the Dragos Platform incorporates customer feedback from existing deployments, as well as input from Dragos’ Threat Operations Center, which regularly uses the Platform to assess and detect cybersecurity threats in industrial organizations across electric, oil and gas, water, mining, transportation, and advanced manufacturing sectors.
“We’re excited to deliver version 1.4 to our customers today,” said Jon Lavender, Dragos’ Chief Technology Officer. “We strive to provide industrial cybersecurity practitioners the most relevant data and tools for effective threat detection and response, and this release encompasses significant enhancements designed to make ICS defenders more productive in their daily efforts to combat industrial adversaries.”
The Dragos Platform is designed for visibility of ICS assets and threats, built upon its DPI (Deep Packet Inspection) capabilities. DPI capabilities enable protocol analysis for contextual depth, providing accuracy and speed in the identification of thousands of assets. This characterization enables assessments of normal or abnormal usage and communication patterns necessary for automated asset identification and threat detection.
In addition to its existing DPI capabilities, Dragos Platform v1.4 further supports asset visibility with new geographical map views to locate and understand industrial assets.
Dragos Platform v1.4 also provides enhancements for more efficient threat detection and response through new content packs and analyst productivity improvements. The latest content packs include new threat behavior analytics, custom-authored investigation playbooks, device fingerprints, and ICS protocols to accelerate analysts’ response time and reduce dwell time. Security analyst usability and productivity improvements include new pivot and filtering options to navigate throughout the application and improve workflows.