Dragos Boosts OT Security with Advanced Features
Industrial cybersecurity firm Dragos has introduced the latest updates to its Dragos Platform, enhancing its capability to protect Operational Technology (OT) environments. These updates aim to provide industrial and critical infrastructure organizations with deeper visibility into their assets and improved workflows for threat detection and management.
Enhanced Threat Detection and Management
The Dragos Platform serves as a comprehensive OT-native cybersecurity solution, operating as a non-intrusive overlay to existing operational systems. Among the latest additions are local collector and file ingestion capabilities, expanding data collection options for greater flexibility. New filtering capabilities have also been introduced, allowing for more powerful asset inventory views, which are crucial for IT security and operational efficiency.
Integration with Dragos Intelligence Networks
The platform's integration with Dragos’s Neighborhood Keeper and WorldView threat intelligence networks enhances threat detection and response workflows. This integration helps address emerging threats such as the FrostyGoop and PIPEDREAM malware, vulnerabilities such as those in Unitronics products, and threat groups targeting OT environments, including VOLTZITE, CyberAv3ngers, and CHERNOVITE.
According to Jodi Schatz, Chief Product Officer at Dragos, the latest enhancements focus on building a comprehensive asset inventory and implementing protective measures without disrupting critical operations. Schatz added that customers benefit from the intelligence networks, which provide valuable insights to protect critical assets with precision and confidence.
Addressing Rising Cyber Threats in OT
The updates come as industrial organizations experience an increase in threats, including a 50% rise in ransomware attacks year-over-year. At the same time, traditional IT cybersecurity measures often fall short in protecting OT systems, as they can disrupt essential processes and overwhelm security teams with irrelevant alerts.
With 61% of industrial organizations struggling to monitor their critical assets, the Dragos Platform introduces advanced features to streamline asset management and expand asset enrichment. The new file ingest feature facilitates the import and enrichment of asset data, simplifying the maintenance of up-to-date asset inventories.
Advanced Monitoring Capabilities
The platform also includes a lightweight collector for enhanced monitoring, using containerized traffic forwarding solutions that operate on edge devices. These collectors enhance data collection in space-constrained locations within OT environments, ensuring effective monitoring of remote assets with minimal operational impact.
Dragos sensors now support Hyper-V and ESXi environments, allowing for broader deployment across different OT infrastructures.
Turning Data into Actionable Insights
The Dragos Platform focuses on converting asset data into actionable insights, allowing for more effective cybersecurity measures. This is achieved through customizable filters and automated alerts, which help users manage and prioritize assets and vulnerabilities. Additionally, the platform offers intelligence pivots to WorldView for deep risk management insights.
Rapid Response to Emerging Threats
The platform’s rapid development of threat detection and response capabilities is crucial in maintaining OT security. Over 1,000 new threat detections, vulnerabilities, and response playbooks have been added, addressing advanced threats like CyberAv3ngers and FrostyGoop. This ensures that organizations can swiftly respond to threats and maintain the integrity of their operations.
Conclusion
As the threat landscape evolves, Dragos remains at the forefront of OT-specific threat detection. By turning threat intelligence into actionable guidance, the Dragos Platform continues to enhance the security and resilience of OT environments, safeguarding critical infrastructure from potential cyber attacks.