The Dragos Platform – bringing asset visibility, threat detection, vulnerability management and incident response to industrial companies who need to secure their ICS/OT environments.
Security operations require a combination of different technologies to complete the mission of effective threat detection and response. Through a Configuration Management Database (CMDB) integration between Dragos Platform and ServiceNow, users can now expand the visibility of OT assets alongside traditional IT assets giving security professionals a wide view of their environment within ServiceNow.
Having complete asset visibility is an essential step in any security program as defenders first need to understand the environment they are protecting before they can take measures to do so. OT networks are usually separated from IT environments meaning typical enterprise security technologies, processes, and staff are not equipped to cover the full IT and OT spectrum.
Furthermore, maintaining accurate asset inventory can be a challenging task within specific environments, and any efforts to introduce automation in support of this activity can prevent costly labor and manual effort keeping track via traditional means (clipboards and spreadsheets).
ServiceNow is widely deployed across enterprise networks giving automatic visibility of IT assets and changes. Detailed asset inventory is a prerequisite to enabling specific workflows and ticketing functions. Given the complexity and criticality of OT environments, ServiceNow has limited visibility of OT assets, therefore, limiting available workflows to those systems.
Targeted threats to OT networks are increasing in frequency, sophistication, and severity further increasing the potential risk business operations with potentially significant consequences. Therefore, the need to provide security professionals with a complete view of both IT and OT systems is essential for more effective threat detection and incident response.
- ServiceNow Operational Technology (OT) Certified
- Scale your ServiceNow investment by easily integrating OT asset details into new and existing CMDB deployments
The integration automatically improves the accuracy and coverage depth of your asset database by importing asset information from one or more Dragos Platform instances.
- Users can create digital workflows inclusive of previously unseen OT assets
- Visibility of OT assets enables more efficient threat detection and incident response
Version 1.0.40:
-
Node Management Service (NMS) Integration:
Starting from Dragos Platform Version 2.3, the Node Management Service (NMS) API is now used to retrieve sensor data from the Dragos API. This update replaces the previous method of querying sensor data via the Midpoint API.- Updated Componenets
- Get Dragos Sensors [Data Stream Action]: This action now executes REST API calls to the NMS API for retrieving sensor data, replacing the previous use of the Midpoint API.
- Updated Componenets
Version 1.0.37:
- Common Connection Framework: With the Washington release, the Service Graph Connector for Dragos integration now utilizes the Common Connection Integration Framework. This helps manage and validate each of your connections that are set up for the connector.
- Updated Components
- Dragos SG - Alias [Widget] - Now also generates a new Service Graph Connection record when you generate or update your connection information.
- SGDragosConnectionManager [Script Include] - Added Test Connection Capabilities
- New Components
- Test Dragos Connection [Data Stream Action] - Utilized by the test connection UI action on the newly created Dragos Service Graph Connection.
- Connections [Module] - Navigate to the Service Graph Connection table so you can easily review all of your Dragos connections.
- Updated Components
Dragos Requirements
- Requires connection with Dragos Platform version 2.3 and newer
ServiceNow Requirements
- Integrations Commons for CMDB
- CMDB CI Class Models
- ServiceNow IntegrationHub Action Template - Data Stream
- ITOM Discovery License
- ITOM Licensing