Dragos Integrating with CrowdStrike

SOC analysts should be able to pinpoint malicious behavior more quickly and reduce false positives.

Dragos Inc., a leading cybersecurity provider for OT environments, has announced an expanded partnership with CrowdStrike that entails the integration of OT threat intelligence from the Dragos Platform into the CrowdStrike Falcon® Next-Gen SIEM. The integration enables SOC analysts to quickly pinpoint malicious behavior on OT networks and have the context they need to reduce false positives, prioritize mitigations, and achieve faster response times.

CrowdStrike Falcon Next-Gen SIEM unifies first and third-party data, native threat intelligence, AI, and workflow automation to drive Security Operations Center (SOC) transformation.

In the face of escalating threats to OT environments, including a 50 percent rise in reported ransomware attacks, many industrial organizations lack visibility across OT networks. The Dragos Platform offers enhancements through its OT-native network visibility and monitoring capabilities. The Dragos Platform integration with Falcon Next-Gen SIEM looks to enhance detection and response, providing SOC analysts with in-depth context for alerts and reducing the frequency of false positives through intelligence-driven threat detections.

This allows for rapid identification of malicious activity in OT environments, ensuring that industrial organizations can more effectively prioritize and mitigate real-world threats, ultimately maximizing their cybersecurity investments and improving operational efficiencies. According to CrowdStrike, Falcon Next-Gen SIEM delivers more capabilities and up to 150x faster search performance than legacy SIEMs and solutions positioned as SIEM alternatives, at an 80 percent lower total cost of ownership. With this expanded partnership, organizations will be able to:

  • Find and investigate evasive threats with AI-powered detections supported by Dragos's contextual threat behavior analytics with actionable insights.
  • Accelerate deployment with streamlined Dragos Platform data onboarding and third-party automated response actions.
  • Unify SOC data and workflows.
  • Perform more thorough investigations and root cause analysis across IT and OT to reduce mean time to respond and recover (MTTR).
