Every day my news feed pushes information about cybersecurity attacks from nation-state actors around the globe. No wonder that fully half of the press releases coming my way are from cybersecurity protection suppliers. Many, if not most, attacks seem to be on industrial companies.
This news from Dragos regards the latest release of the Dragos Platform—focusing on OT network visibility and cybersecurity. The updates provide industrial and critical infrastructure organizations with deeper and enriched visibility into all assets in their OT environments, streamlined workflows for threat detection and vulnerability management that allow for efficient and effective response, and integration of Dragos WorldView intelligence and Neighborhood Keeper community intelligence on current and emerging threats.
Updates include new local collector and file ingestion capabilities that expand data collection options for increased flexibility; also included are new filtering capabilities that create asset inventory views to answer key visibility questions for IT security and operations alike. The evolved integration of the Platform with Dragos’s Neighborhood Keeper and WorldView threat intelligence streamlines vulnerability management, threat detection, and response workflows to meet emerging threats like FrostyGoop and PIPEDREAM malware; Unitronics vulnerabilities; and VOLTZITE, CyberAveng3rs, and CHERNOVITE threat groups targeting OT environments.
Highlights
- Expanded asset enrichment with project file and data import: The new file ingest feature allows for seamless import and enrichment of asset data from existing project files or other devices.
- New lightweight collector for enhanced monitoring: A containerized traffic forwarding solution, this collector operates on edge switches and routers to provide data collection for space-constrained locations deep within OT environments. It captures and processes critical data.
- Expanded environment support: Dragos sensors now support Hyper-V and ESXi environments.
- Advanced asset filtering features: The introduction of customizable filters allows users to efficiently manage and analyze asset data.
- Automated alerts with Neighborhood Keeper trusted insights: Context on newly discovered vulnerabilities or threat activity relevant to users’ environments can be pushed via Neighborhood Keeper to their Platform console from Dragos directly or from its Trusted Insight Partners, often before the vulnerabilities or threat activity are disclosed publicly.
- Added intelligence context with pivots to WorldView OT analysis: In-Platform pivots to WorldView intelligence analysis and reporting on specific vulnerabilities provide deep intelligence analysis to enable risk management (additional license required).
- Over 1,000 new threat detections, vulnerabilities and response playbooks added: The latest updates introduce over 1,000 new threat detections, addressing emerging threats such as CyberAveng3rs, FrostyGoop and other advanced threats.