Free Webinar:

Join us on 3/29 and learn how to prepare for effective OT incident response.

Register Now
Skip to main content
OSISOFT

Detecting Threats Using Broad ICS Datasets

This partnership of OSIsoft and Dragos provides the ICS community with the ability to more effectively and efficiently analyze both network and operational data to detect and respond to threats in ICS environments.

The OSIsoft PI System can collect, analyze, visualize, and share large amounts of high-fidelity, time-series data across all operations from multiple sources, including non-Ethernet based sensors. This level of data was previously unavailable to network security monitoring platforms without adding additional layers of complexity (e.g. media converters). Analyzing data from all sources available is integral to complete threat detection across the control system architecture.

The integration of Dragos Platform with PI System further extends the application of PI System data already available in an environment to also benefit ICS defenders. Dragos Platform utilizes PI System data in addition to its broad collection of industrial network and host data to provide the most complete coverage for ICS threat detection and response in the industry today, leveraging threat analytics running within the platform to correlate malicious activity and operational events to identify the threat behavior and potential impact to operations.

With this partnership, you benefit from: 

  • Enhanced Asset Discovery using data from the PI System provides additional asset detail to help characterize assets including non-ethernet devices.
  • Correlated Threat Discovery with Operation Events using the Dragos Platform’s Threat Behavior Analytics to correlate known threat behavior with associate operational data and Event Frames from the PI System to help analysts understand the full impact of the threat and reduce Mean Time To Recovery (MTTR).
  • Expand Search Capabilities Through Vast Datasets using the Dragos Platform’s Query Focused Datasets (QFD’s) allow for retroactive searches through both network, host, and operational data to assist in threat hunting and incident response activities.
  • Investigation Playbooks Incorporate Guidance using PI System data when relevant showing associated playbooks guide defenders on how to use the Platform’s PI System data to appropriately respond to detected threats on the ICS.
DOWNLOAD PARTNER BRIEF

Learn more about OSIsoft

visit twitter
visit facebook
visit linkedin
visit youtube
Learn how to better protect your ICS environment with Dragos and OSIsoft.

View Website Learn More
Related OSIsoft Resources VIEW MORE
Whitepapers
Bow Tie Model Daniel Michaud-Soucy Josh Carlson OSIsoft Risk Management
Using Bow Tie Risk Modeling for Industrial Cybersecurity
Learn More
Webinars
Bow Tie Model Daniel Michaud-Soucy Josh Carlson Malware OSIsoft
Bow Tie Model of Destructive Malware

01.27.21

Watch Now
News
Bow Tie Model Daniel Michaud-Soucy Josh Carlson OSIsoft
Bow Tie Model of Destructive Malware – ICS Historian Case Study

10.13.20

Read More
VIEW MORE