
Dragos OT CDF
Overview
The Dragos OT CDF integration for ThreatQ enables organizations to automatically ingest notifications and cases from the Dragos OT (Operational Technology) platform, which provides comprehensive asset visibility and continuous network monitoring for industrial control systems (ICS). Leveraging specialized threat intelligence, advanced detection capabilities, and risk-based playbooks, Dragos OT identifies malicious activity, vulnerabilities, and misconfigurations across OT environments. Integrating this data into ThreatQ allows security teams to correlate OT insights with broader threat intelligence, gaining a unified view of their security posture and strengthening the protection of critical infrastructure.
The integration provides the following feeds:
- Dragos OT Cases - ingests cases as events along with the relevant notifications discovered by Dragos OT.
- Dragos OT Notifications - ingests notifications as events along with the affected assets discovered by Dragos OT.
The integration ingests the following system object types:
- Assets
- Attack Patterns
- Events
- Indicators
- Vulnerabilities