Dragos and Splunk have teamed up to provide customers with a converged view of log data collected from both IT and OT networks. Security teams at industrial organizations can view ICS-focused datasets alongside the enterprise IT datasets collected in Splunk, providing analysts with improved overarching situational awareness and decision-making support.
This partnership expands the ICS cybersecurity ecosystem to ensure critical infrastructure and industrial organizations are better prepared with better visibility and better analytics – and are better able to protect their OT environments, regardless of where an adversary may attack. It will enable a more effective SOC function, with more effective threat hunts and the ability to resolve incidents more quickly, for organizations concerned about ICS cybersecurity.
Together, Dragos and Splunk are providing ICS / OT focused cyber defenders with better tools, better visibility, better expertise – and ultimately, better outcomes.
About Our Partnership
Learn how to better protect your ICS environment with Dragos and Splunk.
Dragos Splunk Partnership FAQ
Dragos is excited to launch the Dragos ICS Threat Detection app for Splunk. This app, now available from Splunkbase (https://splunkbase.splunk.com/app/4601/), integrates the Dragos Platform technology for Industrial Control Systems (ICS) security with Splunk. The Dragos Platform provides passive ICS network monitoring which produces improved asset identification & mapping, proactive anomaly & threat behavior detection, and threat response & recovery capabilities.
The app provides cyber defenders at industrial organizations with a unified view of threats and events across the converged enterprise IT and industrial OT (operational technology) environment. Threats detected on OT networks via the Dragos Platform can now be easily integrated into Splunk deployments and visualized via the four types of detection dashboard, further enabling a more comprehensive response.