Dragos’ May Knowledge Pack is now available to Dragos Platform customers!
Dragos Knowledge Packs are monthly deliveries of the latest threat analytics, ICS/OT device data, and investigation playbooks to ensure our customers are armed with the proactive, comprehensive information needed to better understand their ICS/OT environments and assets and combat advanced threats.
Key highlights of the May Knowledge Pack include:
Expanded ICS/OT protocol inspection, device identification, and threat behavior analytics for Schneider Electric Triconex
Additional detections for Building Automation Systems, including detections for dangers to life and critical equipment
New threat behavior analytics and indicators red team behaviors and tools adopted by some ICS adversaries, including: CobaltStrike Command and Control; LDAP-based tactics; and NetExec
New and improved support OT protocols including: Triconex System Access Application (TSAA); Honeywell Common Data Access (CDA); and Yokogawa Vnet/IP
Dragos’ May Knowledge Pack also contains the latest indicators of compromise from the Dragos Intelligence team.