This demo showcases how to use the Dragos ICS threat detection and response platform for:
- Passive network monitoring and asset identification
- 4 types of threat detection: configuration, indicators, modeling and threat behavior
- Behavior-based notifications and alerts
- Case management with access to raw logs, intelligence reports, best practices, audit log/journal, notifications, code snippets and more
- Guided response via investigation playbooks, which continuously deliver codified ICS-specific experience, augmenting security teams with the expertise to respond to incidents independently

The Dragos platform incorporates intelligence from Dragos WorldView (ICS threat intelligence) and the Dragos Threat Operations Center (ICS threat hunting, assessments, incident response and hands-on training), so that ICS security teams have access to the ongoing intelligence and latest experience of the Dragos team.