Dragos ICS app bridges the IT-OT threat detection divide

Dragos, provider of the industrial industry’s most trusted asset identification, threat detection and response platform and services, announced it is partnering with CrowdStrike, a leader in cloud-delivered endpoint protection, to release a new ICS/OT Threat Detection app available for CrowdStrike Falcon platform customers through the CrowdStrike Store.

Leveraging Dragos’ industrial cybersecurity expertise, the app gives customers additional insight into threat activity targeting industrial operations, such as electric power generation or manufacturing.

The insights discovered in the Falcon endpoint data provide customers with an early warning mechanism to protect their industrial control system (ICS) or operational technology (OT) environments. It is currently the only app in the CrowdStrike Store to be solely focused on detecting ICS-focused threats targeting industrial organizations.

“A common challenge at industrial organizations is the separation of IT and OT networks and associated security programs. The traditional silo-ing of data, security teams, and purview, coupled with traditional threat detection tools, has meant that industrial threat activity groups have been allowed to go unchecked for far too long.

“The Dragos ICS/OT Threat Detection app addresses this by providing CrowdStrike Falcon security teams with initial indicators of ICS attacks that originate in IT networks, bridging the IT-OT divide, and more importantly, provides them with an easy migration path to the full Dragos platform for deeper insights and capabilities,” said Jon Lavender, CTO and co-founder of Dragos.

The Dragos ICS/OT Threat Detection app accesses event-based telemetry gathered by and stored in Falcon to detect and analyze OT threats on managed endpoints. The app encapsulates Dragos’ unique view of the ICS threat landscape and its proven experience and expertise in detecting and mitigating those threats.

It leverages Dragos WorldView industrial threat intelligence against endpoint data collected in the CrowdStrike Falcon platform, allowing defenders to visualize critical ICS threat data and to pivot into their Falcon instance for further investigation and mitigation.

The CrowdStrike Store launched in February 2019 and is the first cloud-native security solution that opens the CrowdStrike Falcon platform to third-party applications, enabling a single-agent, single-cloud ecosystem experience.

The store gives customers the opportunity to discover, try, buy, and deploy trusted partner applications and add-ons alongside the Falcon platform, without having to deploy additional agents or manage other infrastructures.

Through the CrowdStrike Store, partners like Dragos can bring innovation and new capabilities to market faster without having to build, maintain and support endpoint agents and cloud platforms.

“We are excited to add Dragos’ industry-leading technology to the CrowdStrike Store. Through this partnership, CrowdStrike customers can have full visibility into industrial threat activity across their kill chain,” said Amol Kulkarni, Chief Product Officer for CrowdStrike.

“The Dragos ICS/OT Threat Detection app utilizes event-based telemetry collected by Falcon to help organizations quickly detect and remediate malicious OT behavior in IT environments, leveraging the power of the cloud to avoid a breach. CrowdStrike industrial customers will now benefit more than ever by deploying Falcon.”
