Dragos  Industrial Cybersecurity Platform

Problems that solves

Aging IT infrastructure

IT infrastructure downtimes

Risk of attacks by hackers

Risk of lost access to data and IT systems

Shortage of information for decision making

Unauthorized access to corporate IT systems and data


Ensure Security and Business Continuity

Enhance Competitive Ability

Dragos Industrial Cybersecurity Platform

ICS cybersecurity technology that provides ICS defenders with unprecedented visibility of their assets and communications, knowledge of threats through driven analytics.


The Dragos Platform contains all the necessary capabilities to monitor and defend ICS environments. It combines the functionality of an OT security incident and event management system (SIEM), network detection and anomaly system, and incident response platform with the experience and intelligence of the Dragos team.


Deep packet inspection (DPI) of ICS protocols, traffic, and asset characterizations, ability to consume host logs and controller events, and integrations with ICS assets such as data historians provide a complete view of ICS environments.


Complex characterizations of adversary tactics, techniques, and procedures through threat behavior analytics pinpoint malicious activityon ICS networks and provide in-depth context to alerts.


Expert-authored investigation playbooks and case management guide defenders step-by-step through the investigation process to enable independence and transfer knowledge from our team to ICS defenders. Benefits:
  • Significantly reduce time to identify and inventory all assets and traffic on your network
  • System-generated asset maps and reports provide consistent, time-driven views that are accurate, up-to-date, and thorough
  • Automatic classification of assets based on behavior
  • Set one or more baselines and get notifications when specific changes or anomalies occur in the environment over time
  • Recognize new or rogue assets as they appear; identify assets that have disappeared from the network
  • Powered by human-based intelligence that identifies adversary tradecraft and campaigns
  • No bake-in or tuning period required; threat behavior analytics work immediately upon deployment
  • Detect threats not simply as anomalies to investigate, but with context that guides effective response
  • Notification filtering provides a risk-based approach to management
  • Playbooks codify incident response and best-practice workflows developed by Dragos experts
  • Manage incidents and cases from the same console cross-team
  • Clear Indicator of Compromise reports guide attention to vulnerable assets
  • Easily monitor case, notification, and analyst activity, as well as system-level health and statusT
  • Splunk, QRadar, Pi Historian, LogRythym, Syslog, Windows Host Logs

Scheme of work

 Scheme of work