Dragos analysts use behavioral analytics and decades of national security expertise to uncover threats to ICS networks. We use expert-level assessment of global threats to cut through the noise and give you the situational awareness and actionable information you need to act quickly to prevent or mitigate an attack.
Dragos focuses on detecting known malicious behaviors rather than just static indicators or contextless anomalies. Once an adversary behavior is identified it can be scaled across all customer environments.
Dragos analysts live in the world of global cybesecurity, allowing them to make expert-level assessments on the importance of each threat and how you should respond.
Dragos automatically delivers threat assessment reports to the Dragos Platform that enrich the detection capabilities of your team with the context they need to take immediate action.
Dragos monitors news reports, social media, vendor alerts, white/black lists, and other available information from around the world. Our analysts sift through the mountains of information and provide expert-level assessment of the threats that could impact your ICS networks while ensuring you do not act on hype or misinformation.
Dragos leverages data insights from private sources, threat hunting, and the Dragos Threat Detection module so that threats uncovered in one customer environment warn and inform the rest of the Dragos community. Sharing information is optional, but data is anonymize, and opting in allows customers to take advantage of insights gathered from the larger community.
Dragos conducts security operations across the Internet to identify and root out malicious activity on a global, national, and local level. Activities help identify vulnerabilities and threats in industrial control software as well as websites that are often frequented by ICS personnel. A purpose-built ICS network honeypot entices attacks, and analysts can then mine valuable insights into the threats and use it to inform their detection activities.