Dragos, Inc., a leader in industrial cybersecurity, has acquired NetRise, a company specializing in software supply chain security, for an undisclosed amount. This acquisition marks a strategic move to enhance Dragos' capabilities in securing operational technology (OT) environments.
NetRise focuses on providing deep visibility and transparency into the software embedded in devices. The company generates accurate, evidence-based Software Bill of Materials (SBOMs) directly from executing code, aiming to eliminate blind trust in software and reduce risks from hidden vulnerabilities that often ship with new devices. This capability is particularly critical in industrial settings where devices frequently contain complex, opaque software components.
The acquisition is strategically significant as it integrates NetRise's proactive vulnerability identification and software transparency into Dragos' existing industrial cybersecurity platform. Industrial control systems (ICS) and other OT devices are increasingly targeted, and understanding their underlying software components is paramount for effective defense. By incorporating NetRise's technology, Dragos will gain enhanced insight into the software supply chain of these critical systems, allowing for more comprehensive risk assessment and mitigation.
This synergy is expected to provide Dragos customers with an unparalleled understanding of the vulnerabilities present in their industrial assets, from the moment of deployment. The combined entity will offer a more holistic approach to securing critical infrastructure, moving beyond traditional network and endpoint protection to address foundational software risks. This integration aims to strengthen defenses against emerging threats by providing a clearer picture of device integrity and potential attack surfaces.