Dragos Inc. announced the latest release of the
Dragos Platform, the industry's
most effective OT network visibility and cybersecurity platform.
The updates provide industrial and critical infrastructure
organizations with even deeper and enriched visibility into all assets
in their OT environments, streamlined workflows for threat detection and
vulnerability management that allow for efficient and effective
response, and powerful integration of
Dragos WorldView intelligence and
Neighborhood Keeper community intelligence on current and emerging threats.
Industrial organizations worldwide are grappling with the rise of
threat groups that scale attacks on widely used technologies and common
security weaknesses in OT environments, as well as a 50% year-over-year increase
in reported ransomware attacks on these organizations. At the same
time, they must balance the need for safety, quality, intellectual
property protection, and financial and reputational safeguards with the
competing priorities of uptime and availability of complex industrial
infrastructure. IT cybersecurity approaches do not adequately protect
these systems; threat and vulnerability methods not tailored to OT
environments can disrupt essential processes and overburden security
teams with irrelevant alerts.
The Dragos Platform
provides comprehensive OT-native cybersecurity as a non-intrusive
overlay to operations environments. Updates include new local collector
and file ingestion capabilities that expand data collection options for
increased flexibility; also included are new filtering capabilities that
create powerful asset inventory views to answer key visibility
questions for IT security and operations alike. The evolved integration
of the Platform with Dragos's Neighborhood Keeper and WorldView threat
intelligence streamlines vulnerability management, threat detection, and
response workflows to meet emerging threats like FrostyGoop
and PIPEDREAM malware; Unitronics vulnerabilities; and VOLTZITE,
CyberAveng3rs, and CHERNOVITE threat groups targeting OT
environments.
"The latest enhancements to the Dragos Platform focus on helping
industrial organizations build the most comprehensive asset inventory
and implement effective protective measures against today's intensified
OT cyber threats - all without disrupting critical operations," said Jodi
Schatz, Chief Product Officer at Dragos. "Dragos understands the
complexity of these environments - and the growing risk - and builds that
knowledge into the platform so customers can identify and protect their
most critical assets with greater precision and confidence. Customers
benefit from powerful intelligence from our integrations with Dragos
WorldView and Neighborhood Keeper - the largest anonymized
information-sharing network used by the broader OT and intelligence
community."
Enhancing Asset Inventory Capabilities
Sixty-one percent
of industrial organizations struggle to effectively monitor their
critical assets, limiting visibility into their risk. The latest updates
to the Dragos Platform introduce advanced features that streamline and
enhance asset inventory management:
- Expanded asset enrichment with project file and data import: The
new file ingest feature allows for seamless import and enrichment of
asset data from existing project files or other devices, simplifying the
process of maintaining a comprehensive and up-to-date asset inventory.
- New lightweight collector for enhanced monitoring: A
containerized traffic forwarding solution, this collector operates on
edge switches and routers to provide data collection for
space-constrained locations deep within OT environments. It captures and
processes critical data, ensuring that even the most remote assets are
monitored effectively with minimal impact on operations.
- Expanded environment support: Dragos sensors now support Hyper-V and ESXi environments, allowing for broader deployment across different OT infrastructures.
Advancing Vulnerability Management and Asset Operationalization
The Dragos Platform's latest enhancements also focus on turning asset
data into actionable insights, enabling more effective and targeted
cybersecurity measures through Dragos's corrected severity scoring with
"now, next, never" prioritization and alternative mitigation.
- Advanced asset filtering features: The introduction
of customizable filters allows users to efficiently manage and analyze
asset data, facilitating the identification and prioritization of assets
and their vulnerabilities.
- Automated alerts with Neighborhood Keeper trusted insights:
Context of newly discovered vulnerabilities or threat activity relevant
to users' environment can be pushed via Neighborhood Keeper to their
Platform console from Dragos directly or from our Trusted Insight
Partners, often before the vulnerabilities or threat activity are
disclosed publicly.
- Added intelligence context with pivots to WorldView OT analysis:
In-Platform pivots to WorldView intelligence analysis and reporting
on specific vulnerabilities provide deep intelligence analysis to
enable risk management (additional license required).
Leading the Market in Threat Detection
As threats to OT environments continue to evolve, Dragos remains at the forefront of OT-specific threat detection:
- Over 1,000 new threat detections, vulnerabilities and response playbooks added:
The latest updates introduce over 1,000 new threat detections,
addressing emerging threats such as CyberAveng3rs, FrostyGoop and other
advanced threats. The Dragos Platform's rapid development and deployment
of threat analytics enable organizations to respond swiftly to emerging
threats. This capability is vital in maintaining the security and
integrity of OT environments, ensuring that critical operations are
protected from disruption.
The Dragos Platform's ability to quickly turn threat intelligence
into actionable guidance for customers was most recently demonstrated in
response to FrostyGoop,
the ninth known ICS malware, which directly interacts with industrial
control systems (ICS) using Modbus TCP over port 502, and was discovered
by Dragos in April 2024. Dragos Threat Intelligence experts quickly
developed new detection analytics and response playbooks and pushed them
to Platform users through a Knowledge Pack update. New to this release,
opted-in organizations in Neighborhood Keeper can automatically receive
these pushed content updates within their Platform instances for
immediate coverage.
The Dragos Platform was awarded Best Industrial Security Solution by
SC Awards (2023); won gold in two categories - Critical Infrastructure
Security and ICS/SCADA Security - in the Cybersecurity Excellence Awards
(2024); was recognized as Market Leader in OT Security and Most
Comprehensive Industrial Cybersecurity solution by Cyber Defense
Magazine's Global InfoSec Awards (2023); and was a Platinum award winner
in ASTOR's American Security Today Homeland Security Awards for Best
ICS/SCADA Cybersecurity (2023).
The latest updates further enhance the Dragos ecosystem, equipping it
to more effectively tackle critical OT cybersecurity challenges. To
gain deeper insights into the newest version of the Dragos Platform,
Dragos is offering a public webinar. During this session, Dragos will
discuss how new features operationalize asset data for prioritizing and
addressing vulnerabilities, as well as how the platform's threat
analytics are developed and deployed to safeguard essential operations.
Register here: https://hub.dragos.com/webinar/dragos-platform-asset-inventory-fuels-detection-and-response