Broad visibility of ICS environments and assets with analysis beyond ICS protocols
Why is Asset Visibility so important in industrial environments?
Industrial companies inherently understand that the equipment operating in their environments is critical to the success of their business. Unfortunately, over time the complexity of these environments increases, inventories change, technology ages, systems drift out of compliance with configuration standards, new vulnerabilities are discovered, and the simple challenge of having full visibility into your environment so it can be properly secured becomes a never-ending struggle.
With good asset visibility, asset operators not only get a clearer picture of what is running in their environment, they are also able to make better-informed decisions about how to secure it. The Dragos Platform was designed by practitioners for practitioners and includes our deep expertise in protocol dissection and asset identification, combined with extensive analysis of device communications to create a comprehensive picture that is essential to efficient and effective industrial cybersecurity operations.
Comprehensive Asset Inventory and Visibility
Industrial cybersecurity teams will appreciate the clear and rich level of visibility possible with the Dragos Platform. Not only are assets visually displayed on a customizable map with configurable zones, but historical timeline views are available to show changes in communications between devices over time. Asset map details are easily filtered for more focused analysis and asset information like device type, equipment vendor, and firmware version is readily available.
Asset Inventory and Synchronization
One of the essential foundations of solid OT cybersecurity is having an accurate and up-to-date inventory of all devices in your environment – yet many companies struggle with this fundamental challenge. With the Dragos Platform, you will have an integrated solution that not only ingests network data sources to populate the asset inventory for actively communicating devices, but is also able to process host log files and other administrative sources to address inventory gaps.
For those occasions when devices need to be manually updated, the Platform has bulk import/export capability with intelligent matching on device detail fields. Organizations that have deployed formal CMDB tools in their enterprise environments can take advantage of integrations available between the Dragos Platform and partners like ServiceNow, allowing for asset synchronization.
Beyond ICS Protocol Analysis
The Dragos Platform’s deep packet inspection (DPI) capabilities drill down into ICS protocols to understand function codes, identify abuse, and detect potential threats. Multiple data sources (including, but not limited to, ICS protocols) are analyzed to provide a complete view of network traffic, data historians, host logs, asset characterizations, and anomalies. Our list of supported protocols is regularly expanded so our asset visibility remains tightly integrated with the best threat detection in the industry. The latest protocol coverage datasheet is available here.
The Dragos Platform’s asset inventory and visibility capabilities provide the industry’s most comprehensive and in-depth understanding of ICS environments.
- Comprehensive inventory of all assets, devices, and details
- Faster triage of incidents through timeline analysis
- Group assets by zone to identify unexpected traffic