Cyentia Cybersecurity Research Library

Dragos

Below you will find reports with the source of “Dragos”

2025 OT/ICS Cybersecurity Report

This year the report highlighted the increasingly complex threat landscape and the corresponding escalating pressure on defenders to enhance visibility into and resilience of OT/ICS networks. Organizations with strong incident response capabilities, defensible architectures, secure remote access protocols, and robust network monitoring are far better positioned to reduce the risk of a successful attack on the enterprise OT even in this increasingly complex environment.

Added: April 25, 2025

Dragos’s 2025 OT Cybersecurity Report

This year highlighted the increasingly complex threat landscape and the corresponding escalating pressure on defenders to enhance visibility into and resilience of OT/ICS networks. This focus on simplicity highlights a critical point for defenders: effective implementation of the SANS ICS 5 Critical Controls remains the best defense against OT-targeting adversaries.

Added: February 28, 2025

OT Cybersecurity The 2023 Year In Review

Dragos started the Year in Review to highlight significant trends in the OT cybersecurity community. This year’s report aims to go further by offering practitioners and leaders the most up-to-date data, along with perspectives from the field, to help them better defend critical infrastructure around the world. These perspectives are focused on providing actionable insights that have been tried and tested to help organizations effectively defend against and respond to industrial cyber threats.

Added: February 29, 2024

ICS/OT Cybersecurity Year In Review 2022

The industrial cyber threat landscape is constantly changing with new adversaries, vulnerabilities, and attacks that put operations and safety at risk. The 6th annual Dragos Year in Review summarizes what you need to know about your threats and benchmark your OT cybersecurity posture.

Added: May 4, 2023

ICS/OT Cybersecurity Year In Review 2021

Dragos is excited to present the fifth year of the annual Dragos Year In Review report on Industrial Control System (ICS)/Operational Technology (OT) cyber threats, vulnerabilities, assessments, and incident response observations. This report captures how a portion of the industrial community is performing and progressing, and highlights the areas that need improvement to provide safe, reliable operations into 2022 and beyond.

Added: May 4, 2023

European Industrial Infrastructure Cyber Threat Perspective

A review of the threat landscape (actors, actions, etc.) affecting industrial infrastructure in Europe.

Added: April 7, 2022

2019 Year in Review: Lessons Learned from the Front Lines of ICS Cybersecurity

This report - compiled from the engagements performed throughout 2019 in customer environments by our threat hunting, penetration testing, incident response, tabletop exercise, and assessments teams

Added: March 1, 2020

2019 Year in Review: The ICS Landscape and Threat Activity Groups

This report anticipates activity targeting and affecting ICS to increase into 2020 and further. It expects to see more adversaries expand their focus to additional critical infrastructure and industrial environments, which will likely align with activity associated with military or geopolitical conflict. Although defenders continue to gain insight through OT-specific detection and monitoring platforms, it is imperative people continue to improve visibility into activities and threats impacting critical infrastructure.

Added: March 1, 2020

2019 Year in Review: ICS Vulnerabilities

The findings in this report are a comprehensive look at ICS vulnerability statistics, including how they affect industrial control networks and whether appropriate mitigation is provided alongside the published advisories. Dragos identifies errors in the vulnerability scores associated with public reports, a critical part of our vulnerability assessments. By identifying and updating errors in vulnerability scores, Dragos vulnerability assessments help asset owners and operators better prioritize and manage patching and update procedures.

Added: March 1, 2020

TRISIS Malware

In mid-November 2017, the Dragos, Inc. team discovered ICS-tailored malware deployed against at least one victim in the Middle East. The team identifies this malware as TRISIS because it targets Schneider Electric’s Triconex safety instrumented system (SIS) enabling the replacement of logic in final control elements. TRISIS is highly targeted and likely does not pose an immediate threat to other Schneider Electric customers, let alone other SIS products. Importantly, the malware leverages no inherent vulnerability in Schneider Electric products. However, this capability, methodology, and tradecraft in this very specific event may now be replicated by other adversaries and thus represents an addition to industrial asset owner and operators’ threat models.

Added: November 15, 2018

Crashoverride

Dragos, Inc. was notified by the Slovak anti-virus firm ESET of an ICS-tailored malware on June 8th, 2017. The Dragos team was able to use this notification to find samples of the malware, identify new functionality and impact scenarios, and confirm that this was the malware employed in the December 17th, 2016 cyber-attack on the Kiev, Ukraine transmission substation which resulted in electric grid operations impact. This report serves as an industry report to inform the electric sector and security community of the potential implications of this malware and the appropriate details to have a nuanced discussion.

Added: November 15, 2018

The Four Types Of Threat Detection

There is a considerable amount of market confusion around the types of threat detection, how they are derived, and the uses for each. The purpose of this paper is to address those challenges by identifying the four types of threat detection and offering sample use-cases focused on industrial control system (ICS) and industrial internet of things (IIoT) environments.

Added: October 22, 2018
© Cyentia Institute 2025
Library updated: July 2, 2025 00:08 UTC (build b1d7be4)