Dragos is excited to announce updates to the Dragos Platform with the release of version 1.3.
Our platform provides comprehensive visibility of industrial networks and assets, passively monitors and detects threats through intelligence-driven analytics, and provides step-by-step playbooks for rapid threat hunting and incident response.
We’ve streamlined the user experience—allowing for improved analyst productivity, scalability, deployment support, administration, and third-party integration—with enhancements including:
We also made performance improvements to our Interactive Map, a unique feature in the Dragos Platform that allows security teams to visualize network zones, monitor baseline changes, and home in on specific attack paths.
Below are details of some of the new features available to our customers immediately. If you’d like to schedule a demonstration of the Dragos Platform and find out how our technology can provide unprecedented insight and security tools for ICS environments, please contact firstname.lastname@example.org.
The Detections dashboard offers analysts a consolidated view of the four types of detections
The Detections dashboard provides analysts with a summary of the highest-priority items that require their attention and can be filtered by date range and severity. Once a Detection is opened, a summary triage view shows the alert details, which analytic triggered the alert, recommended playbooks to use, a list of assets involved, and a list of related notifications. This makes it easier for analysts to understand what happened and what to do next.
For more information about the four types of threat detection and applications in ICS, read our latest whitepaper by Dragos’ Director of Threat Intelligence Sergio Caltagirone and Dragos’ CEO Robert M. Lee here.
Compiled by our Threat Operations Center, our investigation playbooks provide step-by-step instructions for effective hunting and response and data on adversary behaviors from the Dragos Threat Intelligence team.
Version 1.3 offers new, interactive steps for analysts to follow, so it’s easier to understand and complete the tasks and subtasks that should be performed at each step of the incident response process or threat hunt. This significantly improves the ease and efficiency of workflow for analysts. Specifically selected QFDs and analytics are also included with these interactive steps, linking to relevant data and analytic results. (To learn more about QFDs, check out our blog.)
Our new midpoint management system makes it easier than ever to configure, deploy, and maintain midpoint sensors (hardware-deployed appliances that collect network data). Users can push new content packs from the centralized Dragos Sitestore, enabling remote tasking, configuration, and deployment.
The midpoint management system is especially significant, as it improves analyst accessibility and allows for greater scalability of sensors.
In addition to new platform capabilities, we substantially updated the Content Packs (content releases that customers can download and incorporate into their own platforms) in 1.3, adding 47 new threat behavior analytics and characterizations and 22 new and updated playbooks. A summary of the Content Pack includes:
We are very excited about the release of version 1.3. If you have any questions about these new updates or would like to find out how the Dragos Platform can benefit you, please contact email@example.com.
To learn more about how the Dragos Platform arms industrial organizations with the tools to establish scalable, efficient, and effective defenses, read our latest case study with NaturEner here.