
Dragos
Overview
The Dragos CDF integration allows teams to seamlessly ingest Dragos WorldView Product Reports and Indicators into ThreatQ. Leveraging the Dragos WorldView API, the integration delivers comprehensive intelligence on threats targeting industrial control systems (ICS) and operational technology (OT) environments.
The integration provides the following feeds:
- Dragos Product Reports - fetches, parses, and ingests Dragos Product Reports, which include threat intelligence on industrial control systems (ICS) and operational technology (OT) environments.
- Dragos Indicators - fetches curated tactical indicators impacting ICS and OT environments from Dragos’s API.
The integration ingests the following object types:
- Adversaries
- Attack Patterns
- Indicators
- Intel Requirements (Custom Object)
- Malware
- Reports
- Vulnerabilities