Building AI for OT Security: The Dragos Analyst-First Approach

The artificial intelligence (AI) revolution has reached operational technology (OT) cybersecurity, but not all approaches are created equal. While many vendors rush to add AI features to their products, Dragos is taking a fundamentally different approach grounded in privacy protection, purpose-built for the unique challenges of OT environments, and designed so our customers can rapidly and effectively apply Dragos’s deep expertise in OT cybersecurity to their own environments.

Recently, the Dragos Platform 3.0 release included the announcement that we’re leveraging AI in our back-end vulnerability analysis processes as a force-multiplier for our expert vulnerability analysts who contextualize CVEs for OT and operations. As we roll out new capabilities that leverage AI within the Dragos Platform, we want to provide more details about our AI path forward to maintain transparency and trust with our customers and community.

Our Key Principles in Leveraging Artificial Intelligence (AI)

Our approach emphasizes three foundational principles.

  1. We believe AI is an analyst force multiplier, not an analyst force replacement. We empower human analysis with tailored AI-assisted tools that augment and increase expertise within security analyst teams but do not threaten or endeavor to replace them.
  2. We believe in our unique power combination of data and expert-driven insights. AI operates best when paired with rich datasets to derive stronger context and conclusions, which we achieve via the deepest available OT cybersecurity data collection and intelligence about industrial threats and vulnerabilities.
  3. We believe you are the owner of your data. While operationalizing AI from our extensive Dragos data-driven insights and your own environment-specific data, you maintain control of your data without fear of privacy leakage or loss of ownership.

Privacy First: You Remain in Control of Your Data

Companies adopting AI technology in cybersecurity face privacy concerns that extend beyond traditional data protection. AI systems require vast amounts of training data, creating temptations for vendors to use customer data to improve their models. Often these uses come without explicit consent or clear disclosure. Organizations worry about their sensitive operational data being used to train models that benefit competitors or their proprietary network configurations becoming part of shared datasets. Additionally, the opaque nature of many AI systems makes it difficult for customers to understand exactly how their data is being processed, stored, or potentially shared.

At Dragos, we’ve built our AI efforts on the opposite foundation: protecting privacy and preserving data ownership to the originating organizations. Our customers maintain complete control over their data with clear choices about participation, sharing, and overall use. Moving forward, the Dragos Platform’s unique combination for AI applications will include:

  • AI Application Control: Customers can explicitly choose which AI features to configure, modify the associated permissions, and understand exactly how their data will be used.
  • Single Tenant Sovereignty: Custom training, tuning, optimization, and cross-model information sharing are isolated within customer-specific deployments and protected data flows that cannot be observed or leveraged by other customers or third parties.
  • Open Integration Points: AI features will have standard API exposure points (e.g. MCP) to allow instances of bring-your-own-models or other customer-specific enterprise AI integrations within their own IT governance programs and agreements, if they so choose.
  • Anonymization When Facilitating Collective Insights: When we combine anonymous shared community insights (opt-in participation in Neighborhood Keeper) with Dragos’s proprietary intelligence and research, the shared data remains strictly anonymous—for collectively shared models and systems, we do not train on or expose identifiable customer data / attributes.

We believe that trust in OT security begins with respecting the sensitivity and value of industrial data. Our privacy-first approach ensures that AI enhances security without compromising the confidentiality that critical infrastructure operators require.

Bridging the OT Expertise Gap

The cybersecurity industry faces a fundamental skills challenge: the vast majority of security analysts are trained in IT environments, but operational technology presents an entirely different landscape. Consider the differences:

IT Security Environment: Traditional IT environments operate with standardized operating systems and applications that follow established security frameworks. These systems benefit from regular patching and update cycles that can be scheduled during maintenance windows. Network architectures are typically designed with security as a primary consideration, implementing layered defenses and segmentation strategies. Applications are often (though not always) modern, with granular access control levels, often cloud-delivered. Generally, visibility and threat detection benefit greatly from direct endpoint agents operating on each asset’s operating system. The primary focus centers on protecting data confidentiality and maintaining system availability according to business requirements.

OT Security Environment: Industrial environments present a fundamentally different landscape, with a very large mix of legacy systems running proprietary protocols that were often designed decades before cybersecurity became a primary concern. These systems cannot be patched or updated frequently due to continuously running operations where downtime can cost millions of dollars or create safety hazards. Direct endpoint agents cannot operate directly on each asset due to their embedded system characteristics. Network architectures prioritize reliability and real-time communication over security controls, as millisecond delays can disrupt critical industrial processes. Most importantly, safety and operational continuity become critical concerns that supersede traditional cybersecurity priorities. A poorly constructed security control that interferes with a safety system could have catastrophic consequences.

An oil refinery, electrical substation, or manufacturing floor operates under physical constraints that IT analysts rarely encounter. The equipment is different, the network architectures are different, and critically, the adversary tactics, techniques, and procedures (TTPs) are specifically adapted for OT environments.

This expertise gap creates a significant barrier for effective OT cybersecurity.

Organizations struggle to find qualified OT security analysts, and IT security professionals often feel overwhelmed when transitioning to industrial environments. According to Gartner®:

  • Leveraging AI to address operational security market skills shortages will define the fastest path to exceptional cyber-physical systems (CPS) product differentiation.
  • Integration of AI into core operational functions will establish the foundation of the next generation of CPS market leaders.[1]

Dragos is squarely focused on closing this expertise gap as our primary AI objective.

Rather than replacing human expertise, Dragos AI acts as a force multiplier that helps IT security analysts operate effectively in OT environments. Our AI vision is to enable:

  • Lower-barrier data exploration: Flexible natural language interfaces that allow analysts to quickly explore and understand OT-specific threats, vulnerabilities, and mitigation strategies.
  • Informed guidance and recommendations: AI-assisted investigation and summarization workflows that help analysts navigate the complexities of industrial protocols and systems.
  • Knowledge amplification: Direct access to Dragos’s threat intelligence and OT expertise codified within our AI knowledge base that is accessible seamlessly alongside the same every-day Dragos Platform analyst workflows and experiences.
  • Operational efficiency: Automated prioritization and triage systems that help small security teams manage large and complex OT environments while focusing on driving down mean-time-to-detect and respond to cyber events.

The goal is simple and clear: AI in OT cybersecurity should empower existing IT security talent to become proficient entry-level OT security analysts, dramatically expanding the pool of qualified professionals available to protect critical infrastructure. By doing this we can dramatically accelerate the operational effectiveness of OT cybersecurity.

The Dragos Data Advantage

AI applications require extensive data to fuel effectiveness, and Dragos possesses unique advantages that no other vendor can replicate.

Dragos fields the largest civilian intelligence team focused on OT cyber threats in the world.

It includes our Vulnerability Intelligence team, focused on OT-specific vulnerability research, analysis, risk assessment, and mitigation; our Malware and Threat Research teams, which analyze industrial-targeted threats through reverse engineering and network traffic analysis; and our Adversary Hunters, who identify and track threat groups, monitor attack surfaces across critical infrastructure sectors, and develop in-depth profiles of those groups and their tactics, techniques, and procedures (TTPs).

This intelligence operation produces industry-leading research published as WorldView Reports that deliver comprehensive analysis of OT-targeted vulnerabilities, threat actor profiles, detailed TTPs, real-time insights into active campaigns, and strategic perspectives for specific industries. This information is compiled into analytics and AI-accessible content used by the Dragos Platform for risk-based vulnerability management, intelligence-driven threat detection, and response playbooks that guide response actions.

Dragos conducts the largest number of OT cybersecurity consulting engagements.

Dragos OT cybersecurity practitioners conduct proactive assessments and tabletop exercises, and provide incident response services that investigate actual OT breaches and cyber attacks. Through this work we gain firsthand knowledge of how adversaries target and compromise OT systems. OT Watch threat hunters are specialized security analysts who research and create hunt analytic packages for deployment across the fleet of Dragos Platform deployments, bringing deep operational knowledge of industrial threat patterns. We capture these industrial insights from these experts both to deliver them to our customers and to provide key elements of our AI knowledge base.

The Dragos Platform is the premier community-centric collective defense system, built on the most powerful OT asset visibility and threat detection available.

Our Neighborhood Keeper collective defense network represents the industry’s most comprehensive view of OT security threats while maintaining strict privacy protections. Participating organizations share detection patterns, asset information, and vulnerability data through an anonymization system that strips all customer identifiable information. Customer identities are protected to prevent attribution while enabling collective analysis across the network. This approach allows us to identify emerging threats and attack patterns across sites without ever knowing which specific customer experienced which events, creating valuable intelligence while preserving complete organizational privacy.

Dragos leverages the combined insights from our in-house expertise and proprietary intelligence data to create training sets for our AI engines, positioning us to deliver the most effective outcomes within the Dragos Platform. These insights also empower our ability to make available analyst assistants via the only comprehensive AI knowledge base in OT cybersecurity for newcomer learning, analyst cross-training, and environment-specific context.

The Future of OT Security

The convergence of AI and OT cybersecurity represents a significant opportunity to address the skills gap and operational challenges facing critical infrastructure protection. However, successful integration of AI into analyst workflows requires more than just adopting the latest AI trends. It demands a thoughtful approach that respects the unique requirements of OT environments.

In the recent Dragos Platform 3.0 release, we introduced AI into our vulnerability intelligence processes, using it to assist in producing vulnerability matching criteria that are delivered in weekly updates via our Knowledge Packs (KPs).

In our next feature release, we aim to expand AI capabilities into the core Dragos Platform with integration-oriented Model Context Protocol (MCP) support in the Platform API, as well as a Dragos-hosted analyst assistant with access to the entire Dragos Knowledge Base alongside your platform collection streams, a very powerful combination for data exploration and knowledge amplification.

Next year, our focus will continue to expand on AI applications in the Dragos Platform using automation to drive operational efficiency, provide informed guidance, and generate investigation recommendations.

Dragos’s AI approach reflects our understanding that effective OT cybersecurity depends on three foundations: respecting customer privacy and data ownership, empowering human analysts with specialized knowledge and tools, and leveraging the deepest available intelligence about industrial threats and vulnerabilities.

As we continue developing and deploying AI capabilities, we remain committed to transparency with our customers about what we’re building, how we’re building it, and why we believe it will make a meaningful difference in protecting the critical infrastructure that powers our modern world.

The future of OT security isn’t about replacing human expertise with artificial intelligence. Instead, it’s about augmenting human capabilities with AI tools purpose-built for the unique challenges of protecting industrial operations. That’s the Dragos difference, and it’s the foundation of our approach to AI in OT cybersecurity.

----

[1] Gartner, AI: The Cyber-Physical Systems Security Game Changer, Ruggero Contu, Katell Thielemann, Sumit Rajput, Ayelet Heyman, 13 August 2025.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.