It’s The Multiplier Effect.

Dragos combines an on-premise platform, threat operations service, and global threat intelligence, delivering the industry’s strongest Industrial Control System defense. The platform’s automated capabilities enrich the knowledge and intuition of industry-specific cybersecurity experts. In return, the platform compiles and correlates suspicious events at a scale and speed that allows human experts to uncover even more insights. Both benefit from the rich threat context provided by Dragos’ global intelligence data. The Dragos Industrial Cybersecurity Ecosystem is not an additive solution; it's a multiplicative one.

Dragos Platform

The Dragos Platform is the heart of the Dragos ecosystem. The innovative industrial cybersecurity software codifies and automates insights from on-the-ground experts who have spent decades responding to the world’s most complex threats on a global, national, and local level.

Data Collection Pipeline

The Dragos Data Collection Pipeline feeds critical information into the Dragos Platform. These insights give you the visibility, context, and actionable information you need to detect and remediate threats quickly and efficiently.

  • Passively identify up to hundreds of thousands of assets
  • Use secure telemetry for anonymous data share with IT or external teams
  • Integrates with existing IT SIEM solutions
  • Collect numerous data types
Core Models

The Dragos Platform gives you everything you need to identify and respond to threats in your ICS networks in a single platform. Three modules work together to discover and manage your ICS assets, detect threats through behavioral analytics, and streamline operations so you can focus on more strategic projects. The platform constantly evolves as it is enriched by insights from the Dragos Threat Operations team, from Dragos Intelligence and from customers that choose to connect to the Dragos Threat Operations Center.

01 | Asset Discovery

Dragos Asset Discovery automatically and passively maps out and visualizes all network-connected devices, ports, and protocols on a single pane of glass.

  • Gain visibility into your assets
  • Dissect ICS protocols and communications
  • Proactively identify routes in and out of the ICS
  • Detect deviations from the norm
02 | Threat Detection

Dragos Threat Detection Engine provides a real-time automated detection against highly-adaptive and highly-targeted threats. The engine leverages behavior analytics that are the codification of adversary tradecraft with the appropriate context in place. These behavior analytics are produced by Dragos cybersecurity experts and data scientists who hunt for threats through industrial networks around the world.

  • Identify, score and rank risk threats
  • Weed out forensic noise and reduce alert fatigue
  • Enable staff to focus on threat hunting
  • Receive updates from the Dragos Threat Operations Center
Workflow Automation

Dragos Workflow Automation provides purpose-built playbooks for automating and orchestrating security and compliance procedures. These include threat hunt, threat investigations, and incident response processes as well as daily workflows such as compliance, auditing, and reporting.

  • Increase the efficiency of analysts
  • Standardize security policies
  • Codify Dragos' threat hunters best practices
  • Evolve processes to meet dynamic needs
Workbench

Dragos Workbench consolidates all security activity on a single pane of glass and serves as a case management system for investigations. This intuitive, context-rich interface gives analysts and incident responders a unified view they can use to collaborate across extended teams when collecting data, detecting threats, and responding to incidents.

  • Provide complete context for security events
  • Track progress and improve productivity
  • Improve the accuracy of incident validation
  • Speed up incident response

Deploying Dragos

Dragos is built on open standards with with easy-to-use APIs. It seamlessly fits with your existing security infrastructure investments while allowing data to seamlessly flow in and out of the platform.