[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIXPpUlvJJi4j1tXuTaNEw-x07nQIYvEteaxL7fNRXGI":3},{"article":4,"iocs":54},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":31,"category":32,"article_tags":36},"708b2a24-380a-450e-8f55-b01fd6adb494","Dragos Unveils AI for OT Security","dragos-unveils-ai-for-ot-security-442f18","Named EmberAI, the new capability is built on Dragos’ massive operational technology cybersecurity dataset. The post Dragos Unveils AI for OT Security appeared first on SecurityWeek.","Dragos has introduced EmberAI, a new AI capability designed specifically for operational technology (OT) cybersecurity. Built on Dragos's extensive OT cybersecurity dataset, EmberAI allows analysts to use natural language queries to gather threat and risk information, correlating data from various sources like threat intelligence, assets, and vulnerabilities. The company emphasizes that EmberAI operates within the customer's environment, ensuring data privacy, and that human oversight remains critical for all AI-generated recommendations.","Dragos launches EmberAI, an AI tool for OT cybersecurity built on its OT dataset.","Dragos on Tuesday unveiled EmberAI, a new AI designed specifically for operational technology (OT) cybersecurity. The new product module is built on the company’s Intelligence Fabric, a massive OT cybersecurity dataset compiled over the past decade based on adversary tracking, vulnerability research, asset and protocol research, and frontline incident response experience. “This foundation enables EmberAI to operate on a principle that distinguishes it from generic AI: OT specific intelligence applied in context,” Dragos noted, adding, “As Dragos’s xOT integrations expand the Intelligence Fabric with new data sources, EmberAI’s intelligence and capabilities will grow with it.” EmberAI enables analysts to use plain language queries to obtain the threat and risk information they need. The AI correlates data from multiple sources, including threat intelligence, assets, vulnerability data, and network activity, and provides responses that are based on the customer’s operational context. The user can obtain information on who may be behind the attack, as well as attack patterns and behaviors, helping them prioritize and tailor their response effectively. Dragos is also working on a library of OT skills based on the expertise the security firm’s own analysts apply during investigations, incident response, and preventive services. While EmberAI can be of great use to security teams, humans remain in control and every recommendation made by the AI is transparent and auditable, the company said.Advertisement. Scroll to continue reading. In addition, EmberAI operates inside the Dragos platform deployment controlled by the customer and the customer’s data never leaves their environment. EmberAI is generally available in the Dragos platform. The launch of the new AI comes shortly after Accenture announced taking a majority stake in Dragos as part of a major OT cybersecurity push. Dragos will remain an independent company and it will also oversee runZero and NetRise, which Accenture has fully acquired. The professional services giant paid a total of $4.1 billion for the three cybersecurity firms. Related: Dragos Acquires xIoT Security Firm Phosphorus Related: Siemens Says Desigo CC Files Flagged as Malware by Security Engines Related: Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software Written By Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Eduard Kovacs Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration Xsolis Data Breach Affects 1.4 Million IndividualsDecades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User DataNew Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhonesTexas Parks & Wildlife Data Breach Affects 3 Million IndividualsCisco to Acquire WideField Security to Boost Splunk’s Agentic SOCSplunk Enterprise Vulnerability Exploited in Attacks Days After DisclosureAccenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push Latest News Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million AppsEight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel AttacksCISO Conversations: Carl Froggett – Combining CISO and CIO at Deep InstinctAlgerian Man Extradited to US for Running Cybercrime MarketplacesFFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS AppliancesOpenAI Refocuses Cybersecurity Efforts on Patching Over DiscoveryRussian Initial Access Broker Behind FortiBleed CampaignCanadian Electricity Provider London Hydro Discloses Data Breach Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: How Modern Breaches Bypass MFA and Evade Detection June 17, 2026 Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes. Register Webinar: Modern Exposure Validation in the AI Era June 24, 2026 AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program. Register People on the MoveSolarWinds has appointed Justin Henkel as Chief Information Security Officer.J. Paul Haynes has joined Cinchy as Chief Executive Officer.Hatem Naguib has become Chief Executive Officer at Sysdig.More People On The MoveExpert Insights What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told the Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) The Zero-Knowledge Threat Actor and the End of Responsible Disclosure AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Fdragos-unveils-ai-for-ot-security\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2026\u002F06\u002FAI-artificial-intelligence-industrial-OT-ICS.webp","2026-06-23T17:26:07+00:00","2026-06-23T18:00:29.901586+00:00",7,[18,21,24,27,29],{"name":19,"type":20},"EmberAI","product",{"name":22,"type":23},"Dragos","vendor",{"name":25,"type":26},"AI","technology",{"name":28,"type":26},"OT cybersecurity",{"name":30,"type":23},"Accenture","02371804-cf6d-4449-98de-f1a2d4d9b266",{"id":31,"icon":33,"name":34,"slug":35},null,"Tools","tools",[37,39,44,49],{"category":38},{"id":31,"icon":33,"name":34,"slug":35},{"category":40},{"id":41,"icon":33,"name":42,"slug":43},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",{"category":45},{"id":46,"icon":33,"name":47,"slug":48},"d6f63bb8-0801-486a-be7f-171400700454","IoT\u002FOT","iot-ot",{"category":50},{"id":51,"icon":33,"name":52,"slug":53},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[]]