By Dragos, Inc

Dragos’ April Knowledge Pack is now available to Dragos Platform customers. 

Dragos Knowledge Packs are monthly deliveries of the latest threat analytics, ICS/OT device data, and investigation playbooks to ensure our customers are armed with the proactive, comprehensive information needed to better understand their ICS/OT environments and assets and combat advanced threats. 

Key highlights of the April Knowledge Pack include:

Expanded ICS/OT protocol inspection and device data for mining-specific assets 

Additional detections for General Electric (GE) Mark Controller devices

New protocol dissectors for Emerson Ovation and ABB, including: CSLIB, TOOLSERVER, SSRPC P10009, DB_XMIT, Ovation REM Server, Ovation Alarm, Ovation MGMT

New threat behavior analytics that detect red team behaviors adopted by some ICS adversaries, including: Net.exe command detections, DCSync, Powershell Empire Recon, Powershell Empire C2, Cobalt Strike

Lastly, Dragos’ April Knowledge Pack also contains the latest indicators of compromise from the Dragos Intelligence team, as well as custom-authored investigation playbooks to ensure our customers have the best-practice response guidance direct from our team of industrial responders and threat hunters.

To learn more about Dragos Knowledge Packs, read our blog or contact sales@dragos.com.

Contact Us for a Demo