Threat Hunt

Dragos’s ICS threat hunters proactively search for adversary activity in your environment

The Dragos Threat Hunting Service helps you find undiscovered threats in your ICS networks and identify weaknesses in architecture, security controls, and policies and procedures to avoid compromise. Leveraging the Dragos Platform, Dragos threat hunters work independently, or in addition to your local ICS security team, to find threats non-invasively without operational disruptions or downtime.  

Benefits

Expose latent threats on your ICS networks
Identify and correct gaps in your security defenses
Understand potential attack vectors
Get intelligence-driven insights into the latest adversary behaviors 
Learn first-hand from Dragos experts

Lessons Learned from the Front Lines

90% of Dragos Assessment Services customers had very limited or no visibility into their industrial control systems (ICS) environment.
Source: 2020 Year in Review

How We Hunt

The Dragos Threat Hunting Service pairs our ICS experts with the advanced asset identification, threat detection, and response capabilities of the Dragos Platform to provide a comprehensive understanding of your ICS environment. 

With these insights, our team identifies architecture weaknesses, searches for known adversary fingerprints, and draws on its understanding of your specific environment and threats to find previously unrecognized threat actors, malware, and breaches.

Threat Hunting Options

The Dragos Threat Hunting Service can be customized to suit your organization’s security maturity and specific environment needs.  

Option | Remote Collection | Onsite Collection & Remote Analysis | Managed Threat Hunting
Description | Customer provides Dragos with data, and Dragos performs analysis at Dragos HQ | Dragos collects customer data and performs analysis at Dragos HQ | On-site deployment of Dragos Platform for data collection; regular proactive threat hunts by Dragos team
Asset Discovery
Threat Modeling: N/A
Operational Impact Analysis | N/A | 8 Hours | 8 Hours
Threat Detection
Continuous Collection and Operation: N/A
