ICS Threat Detection App for Splunk

Delivers a converged view of log data collected from both IT and OT networks – providing security analysts with improved overarching situational awareness and decision-making support.

The Dragos ICS Threat Detection app for Splunk is available now via Splunkbase.

The Dragos ICS Threat Detection app allows users to view and triage notifications produced by the Dragos Platform, and interact with the Splunk Common Information Model (CIM) to provide compatibility with native Splunk functionality.

This means that threats detected on OT networks via the Dragos Platform can now be easily integrated into Splunk deployments and visualized via the four types of detection dashboard, further enabling a more comprehensive response.

Access to the Dragos ICS Threat Detection app requires both a Splunk subscription and the Dragos Platform. No additional licenses are needed.