Streamlining OT threat and vulnerability workflows

Dragos has introduced the latest release of the Dragos Platform, said to be the industry’s most effective OT network visibility and cybersecurity platform.

  • 2 months ago Posted in

The updates provide industrial and critical infrastructure organizations with even deeper and enriched visibility into all assets in their OT environments, streamlined workflows for threat detection and vulnerability management that allow for efficient and effective response, and powerful integration of Dragos WorldView intelligence and Neighborhood Keeper community intelligence on current and emerging threats.

Industrial organizations worldwide are grappling with the rise of threat groups that scale attacks on widely-used technologies and common security weaknesses in OT environments, as well as a 50% year-over-year increase in reported ransomware attacks on these organizations[1]. At the same time, they must balance the need for safety, quality, intellectual property protection, and financial and reputational safeguards with the competing priorities of uptime and availability of complex industrial infrastructure. IT cybersecurity approaches do not adequately protect these systems; threat and vulnerability methods not tailored to OT environments can disrupt essential processes and overburden security teams with irrelevant alerts.

The Dragos Platform provides comprehensive OT-native cybersecurity as a non-intrusive overlay to operations environments. Updates include new local collector and file ingestion capabilities that expand data collection options for increased flexibility; also included are new filtering capabilities that create powerful asset inventory views to answer key visibility questions for IT security and operations alike. The evolved integration of the Platform with Dragos’s Neighborhood Keeper and WorldView threat intelligence streamlines vulnerability management, threat detection, and response workflows to meet emerging threats like FrostyGoop and PIPEDREAM malware; Unitronics vulnerabilities; and VOLTZITE, CyberAveng3rs, and CHERNOVITE threat groups targeting OT environments.

“The latest enhancements to the Dragos Platform focus on helping industrial organizations build the most comprehensive asset inventory and implement effective protective measures against today’s intensified OT cyber threats—all without disrupting critical operations,” said Jodi Schatz, Chief Product Officer at Dragos. “Dragos understands the complexity of these environments—and the growing risk—and builds that knowledge into the platform so customers can identify and protect their most critical assets with greater precision and confidence. Customers benefit from powerful intelligence from our integrations with Dragos WorldView and Neighborhood Keeper—the largest anonymized information-sharing network used by the broader OT and intelligence community.”

Enhancing Asset Inventory Capabilities

Sixty-one percent of industrial organizations struggle to effectively monitor their critical assets[2], limiting visibility into their risk. The latest updates to the Dragos Platform introduce advanced features that streamline and enhance asset inventory management:

Expanded asset enrichment with project file and data import: The new file ingest feature allows for seamless import and enrichment of asset data from existing project files or other devices, simplifying the process of maintaining a comprehensive and up-to-date asset inventory.

New lightweight collector for enhanced monitoring: A containerized traffic forwarding solution, this collector operates on edge switches and routers to provide data collection for space-constrained locations deep within OT environments. It captures and processes critical data, ensuring that even the most remote assets are monitored effectively with minimal impact on operations.

Expanded environment support: Dragos sensors now support Hyper-V and ESXi environments, allowing for broader deployment across different OT infrastructures.

Advancing Vulnerability Management and Asset Operationalization

The Dragos Platform’s latest enhancements also focus on turning asset data into actionable insights, enabling more effective and targeted cybersecurity measures through Dragos’s corrected severity scoring with “now next never” prioritization, alternative mitigation.

Advanced asset filtering features: The introduction of customizable filters allows users to efficiently manage and analyze asset data, facilitating the identification and prioritization of assets and their vulnerabilities.

Automated alerts with Neighborhood Keeper trusted insights – Context of newly discovered vulnerabilities or threat activity relevant to users’ environment can be pushed via Neighborhood Keeper to their Platform console from Dragos directly or from our Trusted Insight Partners, often before the vulnerabilities or threat activity are disclosed publicly.

Added intelligence context with pivots to WorldView OT analysis – In-Platform pivots to WorldView intelligence analysis & reporting on specific vulnerabilities providing deep intelligence analysis to enable risk management (additional license required).

Research finds that the industry is struggling with a growing resource and skills gap while...
Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...