Dragos Platform
  • 20 Mar 2025
  • 2 Minutes to read
  • Dark
    Light

Dragos Platform

  • Dark
    Light

Article summary

Dragos is a cybersecurity platform with an ecosystem tailored for industrial environments. Dragos's Operational Technology (OT) offers clear visibility into your Industrial Control System (ICS) assets and communications. For detailed information, please refer to Dragos’s official documentation.

Integration Method: API

Tables: Device Inventory Info (5001), Detection Finding (2004), Vulnerability Finding (2002)

This integration supports the following type of events.

Event

Description

Assets

Retrieve a list of all assets.

Vulnerabilities

Retrieve a list of all vulnerabilities.

Detections

Retrieve a list of all detections.

This integration supports the following versions.

Dragos Platform version

version 1.4

Dragos SiteStore API

2.5.x

Prerequisites

  • The user should have access to the Dragos Platform portal. 

  • The user should have access to the DataBee console.

Configuration Overview

  1. Generate API Key with required permissions.

  2. Create Dragos Platform Data Feed in the DataBee console with the required credentials.

    DataBee Parameter

    Dragos Parameter

    Username

    ID

    Password

    Secret

    API Base URL(<instance>)

    Dragos Instance

Dragos Configuration

For the latest information on configuring Dragos, refer to Dragos’s Administrator User Guide.

Add New Role

  1. Sign in to the Dragos platform as an Administrator.

  2. Copy the instance value from the URL for later use.
    Example instance value: Dragos Cloud.
     

  3. Navigate to the Admin > User Management > Roles.
     

  4. Click on Add New Role, the “Add New Role” window will appear.
     

  5. On “Add New Role” window:

    1. Under the ‘Name’ field enter the Name for the Role.

    2. Under the ‘Description’ field enter the Description for the Role.

    3. Under ‘Permissions’, check the following permissions, then click on Save.

      1. asset:read

      2. detection:read

      3. vulnerability:read

Create New User and API Key

  1. Navigate to Admin > User Management > Users.
     

  2. Click on Add New user, the “Create User” window will appear.
     

  3. On the “Create User” window, enter the ‘Name’ then click on Create. The “Edit User” window will appear.
     

  4. On “Edit User” window, click on Data Access.
     

  5. Under Data Access, in ‘Role Access’, select the role that we created in the previous step. Then click on Authentication.
     

  6. Under Authentication, click on Add New API Key.
     

  7. Under Generate New API Key, enter ‘Name’ of the API key, then click on Generate Key.
     

  8. Copy the ID and Secret generated.

    Note:

    This is the only time the secret is displayed. Once this message box is closed, there is no way to retrieve the secret. If the secret is lost, then the API Key must be deleted and a new API Key needs to be created.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the Dragos Platform and click it as shown below.
     

  3. Click on the API Ingest option for collection method. 

  4. Enter basic contact information in the contact form.
     

  5. In the following dialog box, enter the following:

    • Authorization Method: Basic

    • Username: enter above generated ID. 

    • Password: enter above generated Secret. 

    • API Base URL: replace <instance> by your instance value.

    • Event types: preselected for all the event types that integration pulls.
       

  6. Click Submit.

Troubleshooting Tips

  • If you are facing a response code - 401 this might be possibly due to incorrect credentials. Ensure the ID and Secret are pasted correctly.

  • If you are facing a response code - 403 this might be possibly due to missing permission. Ensure that all the required permissions are granted correctly as per the above-mentioned steps.

  • Make sure that the IPs of the Databee are whitelisted.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence