It seems like every cybersecurity company has an AI announcement these days. Some are more compelling than others.
Today, Dragos announces EmberAI, a new AI-powered assistant designed specifically for operational technology (OT) environments. While plenty of vendors are busy stuffing chatbots into their products, Dragos is betting that its deep expertise in industrial cybersecurity will help EmberAI stand out from the crowd.
For those unfamiliar, OT security is a different beast from traditional IT security. We’re talking about systems that help run power plants, manufacturing facilities, water treatment plants, pipelines, and other critical infrastructure. When something goes wrong in these environments, the consequences can be much more serious than a few employees losing access to email.
According to Dragos, EmberAI is built on what it calls the Dragos Intelligence Fabric, a collection of OT-specific threat intelligence, telemetry, vulnerability research, and incident response data gathered over more than a decade. The company says analysts can ask questions in plain language and get answers based on operational context rather than generic cybersecurity data.
In other words, the goal is to help security teams understand not only what is happening on their networks, but also whether it actually matters.
That’s an important distinction. Security teams are drowning in alerts, and OT environments often face an even steeper learning curve because specialized expertise is hard to find. Dragos believes EmberAI can help bridge that gap by giving less experienced analysts access to insights that would normally require years of OT experience.
Naturally, there are some questions that remain unanswered. AI tools are great at summarizing information, but they’re not perfect. Anyone who has spent time with generative AI knows that mistakes can happen. In a critical infrastructure environment, even a small error could create problems if people blindly trust the output.
To its credit, Dragos says EmberAI is designed with a human-in-the-loop approach. Analysts remain in control, recommendations are auditable, and customer data stays within the organization’s existing Dragos deployment.
Will EmberAI live up to the hype? Well, that is the hope. Still, this announcement is more interesting than the average “we added AI” press release because Dragos operates in a niche where expertise is scarce and mistakes can have real-world consequences.
If AI is going to prove its value anywhere in cybersecurity, helping protect critical infrastructure may be one of the better places to start.
Support independent tech journalism
NERDS.xyz is independently owned and operated. If you enjoy my coverage of Linux, AI, hardware, cybersecurity, and tech culture, consider supporting the site on Ko-fi.
Support NERDS.xyz