Dragos released version 1.4 of the Dragos Platform, industrial cybersecurity software that codifies advanced threat analytics to provide operational technology (OT) and information technology (IT) practitioners visibility of ICS assets and prescriptive procedures to respond to adversaries.
This latest release incorporates customer feedback from existing deployments, as well as input from Dragos’ Threat Operations Center.
The Dragos Platform is designed for visibility of ICS assets and threats, built upon its DPI (Deep Packet Inspection) capabilities. DPI capabilities enable protocol analysis for contextual depth, providing greater accuracy and speed in the identification of thousands of assets. This fine-grained characterization can allow for faster and more accurate assessments of normal or abnormal usage and communication patterns necessary for automated asset identification and threat detection.
Other key features include:
• New content packs with added threat behavior analytics, custom-authored investigation playbooks, device fingerprints, and ICS protocols
• New pivot and filtering options to easier navigate throughout the application and improve workflows
• New geographical map views to more easily locate and understand industrial assets