Threat detection can be summarized into four types: Configuration, Modeling (Anomalies), Indicators, and Behavioral Analytics. Understanding the differences between these types and how to use each enables industrial control system (ICS) security teams to defend their environments appropriately.
As companies try to invest in different types of security technologies, they must understand which approaches are right for them before they invest poorly. This presentation will educate on the four types of detection and the uses for each while also showcasing the Dragos, Inc. team's approach. The Dragos Platform, Dragos WorldView ICS Threat Intelligence, Dragos Threat Operations Center, and CyberLens assessment tool give the community unique insights into their environments, the ICS threat landscape, and how to respond.