Generated by GPT-5-mini

| Dragos Inc. | |
|---|---|
| Name | Dragos Inc. |
| Type | Private |
| Industry | Industrial cybersecurity |
| Founded | 2016 |
| Founders | Jon Shachtman; Robert M. Lee; Mike Assante |
| Headquarters | United States |
| Products | ICS/OT cybersecurity platform, threat intelligence, incident response, managed detection |

Dragos Inc. is a United States–based private company specializing in cybersecurity for industrial control systems and operational technology. The firm provides detection, response, threat intelligence, and assessment services aimed at sectors including energy, manufacturing, utilities, and critical infrastructure. Founded by former military and private‑sector practitioners, the company has become notable for reporting threat actor campaigns and for collaborating with national agencies and private operators on industrial cybersecurity.
Dragos Inc. was founded in 2016 by Jon Shachtman, Robert M. Lee, and Mike Assante after prior experience with organizations and incidents involving industrial control systems, such as the Ukraine power grid cyberattack, engagements with the United States Department of Energy, and consulting with companies affected by campaigns like BlackEnergy and Industroyer. Early funding rounds and accelerator involvement connected the firm to investors and partners associated with Y Combinator, In-Q-Tel, and cybersecurity venture activity around Silicon Valley. Dragos published early technical analyses that referenced malware families and threat actor activity linked to groups scrutinized by NATO, the European Union, and national CERTs including US-CERT and ENISA. The company expanded globally with regional offices and operational centers while briefing entities such as the United States Congress, DHS, and industry consortiums like ISA99 and NIST.
Dragos markets a suite of products and services designed for industrial control systems, operational technology, and supervisory control and data acquisition environments. Core offerings include an ICS/OT detection platform used alongside asset inventories and network monitoring tools similar in domain to offerings by Nozomi Networks, Claroty, and Palo Alto Networks ICS initiatives; the platform integrates threat intelligence on adversaries associated with campaigns attributed to groups discussed by Mandiant, CrowdStrike, and Symantec (Broadcom). Professional services include incident response engagements that mirror playbooks advocated by CISA, tabletop exercises used by ABB and Siemens industrial customers, and adversary emulation that references frameworks like MITRE ATT&CK for enterprise and MITRE ATT&CK for ICS. Managed detection and monitoring services are offered to utilities and manufacturers, comparable to managed services from IBM Security and Accenture.
Dragos has influenced industrial cybersecurity through published reports and threat actor profiles, contributing to public awareness of campaigns linked to actors that have been examined by Kaspersky, ESET, and FireEye. The company's research has been cited in advisories by agencies such as CISA, NCSC (UK), and ANSSI, and in whitepapers for standards bodies including IEC and IEEE. Dragos research outputs often cross‑reference incidents like Stuxnet, NotPetya, and the 2015 and 2016 Ukrainian power grid attacks, while providing technical indicators useful to operators using tools from vendors like Splunk, Tenable, and Rapid7. The firm also contributes to community education efforts via workshops at conferences including Black Hat, DERI ICS, S4 Conference, and RSA Conference.
Dragos has established partnerships with industrial technology vendors, energy sector organizations, and government bodies. Collaborations include joint exercises and integrations with firms such as Siemens, Schneider Electric, Honeywell, and cloud or security providers like Microsoft and Amazon Web Services. Customers span utilities, oil and gas firms, manufacturing conglomerates, and transportation operators, with engagements that parallel procurement practices seen at Southern Company, ExxonMobil, BASF, and Deutsche Bahn. The company has worked in concert with national entities such as DHS, DOE, and international counterparts including NATO Cooperative Cyber Defence Centre of Excellence for coordinated incident response and information sharing.
Like several cybersecurity vendors, the company has faced scrutiny and debate over disclosure practices, naming conventions for threat actors, and coordination with government agencies, including discussions that involved Congressional hearings and regulatory attention similar to inquiries seen at Facebook and Equifax. Controversies in the sector have referenced reporting decisions comparable to those by FireEye and CrowdStrike when disclosing nation‑state activity, raising questions about attribution, liability, and operator privacy that echo legal debates around WikiLeaks disclosures and Edward Snowden‑era issues. Litigation and regulatory matters in the industrial cybersecurity space have involved topics like export controls, data handling, and contractual disputes familiar from cases involving Palantir and Booz Allen Hamilton.
Corporate governance has involved executive leadership drawn from military, intelligence, and private industry backgrounds similar to leaders who transitioned from NSA, US Air Force, and private firms like Booz Allen Hamilton and Lockheed Martin. Funding rounds and investor participation have connected the company to venture capital networks active in cybersecurity, reflecting patterns seen with startups backed by Sequoia Capital, Accel, and institutional investors including In-Q-Tel. Board composition and advisory roles have included individuals with experience in national security, industrial operations, and technology procurement reminiscent of advisors associated with DARPA and Department of Defense programs. The company remains privately held and has pursued growth aligning with procurement cycles of major utilities and multinational industrial corporations.