Dragos Platform

The Dragos Platform is purpose-built cybersecurity software for operational technology (OT) and industrial control systems (ICS), providing asset visibility, threat detection, vulnerability management, and incident response specifically for critical infrastructure. Unlike IT security tools that lack understanding of industrial protocols, the platform uses threat behavior analytics that characterize adversary tactics, techniques, and procedures (TTPs) to identify malicious activity with high confidence while minimizing false positives that plague generic solutions.

The platform discovers and classifies OT, IT, IoT, and IIoT assets through passive network monitoring and active ICS device collection, capturing device type, manufacturer, firmware version, and communication patterns with detailed vulnerability context. Detection capabilities use composite threat analytics based on real-world attack groups documented by Dragos WorldView intelligence researchers, providing alerts with investigation playbooks that guide security teams through efficient response workflows and automated risk prioritization based on environmental context rather than generic CVE scores.

Founded in 2016 by former NSA analysts who investigated Ukraine power grid attacks, Dragos has raised over $440 million and achieved unicorn status with 500-1,000 employees serving critical infrastructure globally. The company has been positioned as a Leader in Gartner's 2025 Magic Quadrant for Cyber-Physical Systems Protection Platforms for both execution and vision, competing with Claroty and Nozomi as the top three pure-play OT security vendors.