By Dragos, Inc.

Dragos is excited to launch the Dragos ICS Threat Detection app for Splunk. This app, now available from Splunkbase (https://splunkbase.splunk.com/app/4601/), integrates the Dragos Platform technology for Industrial Control Systems (ICS) security with Splunk. It provides cyber defenders at industrial organizations with a unified view of threats and events across the converged enterprise IT and industrial OT (operational technology) environment. Threats detected on OT networks via the Dragos Platform can now be easily integrated into Splunk deployments and visualized via the four types of detection dashboard, further enabling a more comprehensive response.

“Effective ICS security requires integrating and leveraging the vast amounts of data in both IT and OT networks so defenders can make better informed and actionable decisions. With this integration, Dragos’ proven experience and expertise in detecting and responding to ICS threats allows organizations to squeeze the most out of their Splunk data,” said Jon Lavender, CTO and co-founder of Dragos.

With increased visibility and more accurate analytics, this partnership expands the ICS cybersecurity ecosystem to ensure that critical infrastructure and industrial organizations are better prepared, providing visibility for all OT environments, regardless of where an adversary may attack. The combination of Dragos threat behavior analytics applied to Splunk’s vast data repository enables a stronger security operations center (SOC) function with more effective threat hunting and incident response.

ICS Threats Becoming More Prevalent 

Since OT threats can originate on either the IT or OT network, it is critical that industrial cyber defenders have full visibility into industrial threat activities across their entire environment. IT-focused security tools that have not been purpose-designed for the OT environment cannot adequately address industrial threats on their own. 

The Dragos ICS Threat Detection app for Splunk expands visibility over the attack surface of the IT/OT converged spectrum, creating new use cases and intelligence through real time correlation of data. By ingesting Dragos OT data into Splunk’s real time data analytics platform, security professionals have greater insights in defending their combined networks.

Interested in learning more about protecting your OT environment using Dragos and Splunk?

Additional Dragos Resources