Dragos ICS Threat Detection App for Splunk

The Dragos ICS Threat Detection app for Splunk delivers a converged view of log data collected from both IT and OT networks, giving analysts improved overall situational awareness and decision-making support.

The Dragos ICS Threat Detection app for Splunk is now available via Splunkbase.

This initial release of the Dragos ICS Threat Detection app allows users to view and triage notifications produced by the Dragos Platform, and it interacts with the Splunk Common Information Model (CIM) to provide compatibility with native Splunk functionality.

This means that threats detected on OT networks via the Dragos Platform can now be easily integrated into Splunk deployments and visualized via the four types of detection dashboard, further enabling a more comprehensive response.

Access to the Dragos ICS Threat Detection app requires both a Splunk subscription and a Dragos Platform. No additional licenses are needed.