Dragos Industrial Cybersecurity Platform


ICS cybersecurity technology that provides ICS defenders with unprecedented visibility of their assets and communications, and knowledge of threats through driven analytics.

Features of product

Problem Solving
  • Aging IT infrastructure
  • IT infrastructure downtimes
  • Risk of attacks by hackers
  • Risk of lost access to data and IT systems
  • Shortage of information for decision making
  • Unauthorized access to corporate IT systems and data
Business Values
  • Enhance Competitive Ability
  • Ensure Security and Business Continuity
Matrix of comparison with competitors

About Product

The Dragos Platform contains all the necessary capabilities to monitor and defend ICS environments. It combines the functionality of an OT security incident and event management system (SIEM), network detection and anomaly system, and incident response platform with the experience and intelligence of the Dragos team.


Deep packet inspection (DPI) of ICS protocols, traffic, and asset characterizations, ability to consume host logs and controller events, and integrations with ICS assets such as data historians provide a complete view of ICS environments.


Complex characterizations of adversary tactics, techniques, and procedures through threat behavior analytics pinpoint malicious activity on ICS networks and provide in-depth context to alerts.


Expert-authored investigation playbooks and case management guide defenders step-by-step through the investigation process to enable independence and transfer knowledge from our team to ICS defenders.


  • Significantly reduce time to identify and inventory all assets and traffic on your network
  • System-generated asset maps and reports provide consistent, time-driven views that are accurate, up-to-date, and thorough
  • Automatic classification of assets based on behavior
  • Set one or more baselines and get notifications when specific changes or anomalies occur in the environment over time
  • Recognize new or rogue assets as they appear; identify assets that have disappeared from the network
  • Powered by human-based intelligence that identifies adversary tradecraft and campaigns
  • No bake-in or tuning period required; threat behavior analytics work immediately upon deployment
  • Detect threats not simply as anomalies to investigate, but with context that guides effective response
  • Notification filtering provides a risk-based approach to management
  • Playbooks codify incident response and best-practice workflows developed by Dragos experts
  • Manage incidents and cases from the same console cross-team
  • Clear Indicator of Compromise reports guide attention to vulnerable assets
  • Easily monitor case, notification, and analyst activity, as well as system-level health and status
  • Splunk, QRadar, Pi Historian, LogRhythm, Syslog, Windows Host Logs


Abnormal Behavior Detection
Traffic Analysis
Security Orchestration N/A
Passive Monitoring N/A
Automated Asset Discovery
Flow Discovery
PLCs and RTUs Discovery
Network Topology Mapping


Inventory of Devices
View Filters

Features of users

Use Cases

Industrial Control Threat Intelligence Whitepaper

Sales Story

Modern network and asset defense require far greater visibility into the industrial control system threat landscape than in years past. The threat environment is highly dynamic, and adversaries who invest in the problem are outpacing defenders who do not.
Threat intelligence is knowledge of adversaries and their malicious behaviors through which defenders gain better visibility.
Threat intelligence reduces harm by improving decision making before, during, and after cybersecurity incidents, reducing operational mean time to recovery, reducing adversary dwell time, and enabling root cause analysis. It is a necessary component of any modern cybersecurity program that significantly improves the efficacy of all existing elements.


Work flow chart