Dragos Enhances OT Cybersecurity Platform

Lilu Anderson

Dragos Boosts OT Security with Advanced Features

Industrial cybersecurity firm Dragos has introduced the latest updates to its Dragos Platform, enhancing its capability to protect Operational Technology (OT) environments. These updates aim to provide industrial and critical infrastructure organizations with deeper visibility into their assets and improved workflows for threat detection and management.

Enhanced Threat Detection and Management

The Dragos Platform serves as a comprehensive OT-native cybersecurity solution, operating as a non-intrusive overlay to existing operational systems. Among the latest additions are local collector and file ingestion capabilities, expanding data collection options for greater flexibility. New filtering capabilities have also been introduced, allowing for more powerful asset inventory views, which are crucial for IT security and operational efficiency.

Integration with Dragos Intelligence Networks

The platform's integration with Dragos’s Neighborhood Keeper and WorldView threat intelligence networks enhances threat detection and response workflows. This integration helps address emerging threats such as the FrostyGoop and PIPEDREAM malware, vulnerabilities such as those affecting Unitronics devices, and threat groups targeting OT environments, including VOLTZITE, CyberAv3ngers, and CHERNOVITE.

According to Jodi Schatz, Chief Product Officer at Dragos, the latest enhancements focus on building a comprehensive asset inventory and implementing protective measures without disrupting critical operations. Schatz added that customers benefit from the intelligence networks, which provide valuable insights to protect critical assets with precision and confidence.

Addressing Rising Cyber Threats in OT

The updates come as industrial organizations experience an increase in threats, including a 50% rise in ransomware attacks year-over-year. At the same time, traditional IT cybersecurity measures often fall short in protecting OT systems, as they can disrupt essential processes and overwhelm security teams with irrelevant alerts.

With 61% of industrial organizations struggling to monitor their critical assets, the Dragos Platform introduces advanced features to streamline asset management and expand asset enrichment. The new file ingest feature facilitates the import and enrichment of asset data, simplifying the maintenance of up-to-date asset inventories.

Advanced Monitoring Capabilities

The platform also includes a lightweight collector for enhanced monitoring, using containerized traffic forwarding solutions that operate on edge devices. These collectors enhance data collection in space-constrained locations within OT environments, ensuring effective monitoring of remote assets with minimal operational impact.

Dragos sensors now support Hyper-V and ESXi environments, allowing for broader deployment across different OT infrastructures.

Turning Data into Actionable Insights

The Dragos Platform focuses on converting asset data into actionable insights, allowing for more effective cybersecurity measures. This is achieved through customizable filters and automated alerts, which help users manage and prioritize assets and vulnerabilities. Additionally, the platform offers intelligence pivots to WorldView for deep risk management insights.

Rapid Response to Emerging Threats

The platform’s rapid development of threat detection and response capabilities is crucial in maintaining OT security. Over 1,000 new threat detections, vulnerabilities, and response playbooks have been added, addressing advanced threats like CyberAv3ngers and FrostyGoop. This ensures that organizations can swiftly respond to threats and maintain the integrity of their operations.

Conclusion

As the threat landscape evolves, Dragos remains at the forefront of OT-specific threat detection. By turning threat intelligence into actionable guidance, the Dragos Platform continues to enhance the security and resilience of OT environments, safeguarding critical infrastructure from potential cyber attacks.
