---
title: Dragos
---

<!-- licenses: community, platform -->
runZero integrates with ((Dragos)) to help expand your OT visibility by importing assets and vulnerabilities from 
the Dragos API.

## Getting started with Dragos {#dragos-getting-started}

To set up an integration with Dragos, you'll need to:

1. Generate a Dragos API ID and API Secret with the following privileges:
   * asset:read
   * detection:read
   * vulnerability:read
1. Configure the Dragos credential in runZero.
1. Activate the integration to pull your data into runZero.

## Step 1: Generate a Dragos API ID and API Secret {#dragos-step1}

1. Log into the Dragos console and navigate to Admin, then navigate to Users. Under the user, click the Add New API Key button.
1. When the Generate New API Key box appears, name your API ID and API Secret, then click Generate Key.
1. Copy the ID and Secret for later.

## Step 2: Add the Dragos API ID and API Secret to runZero {#dragos-step2}

1. Go to the [Credentials page](https://console.runzero.com/credentials/new) in runZero.
1. Choose **Dragos API ID & Secret** from the list of credential types.
1. Provide a name for the credential, like `Dragos`.
1. Provide the following information:
    * **Dragos API ID** - Your Dragos API ID from Step 1.
    * **Dragos API Secret** - Your Dragos API Secret from Step 1.
    * **Dragos API URL** - The URL to your Dragos instance, without any trailing slashes. For example, `https://my.instance.dragos.cloud`.
    * **Insecure** - Enable this option to approve authenticating with untrusted endpoints. When enabled, certificate validation is disabled. Use with caution.
1. If you want other organizations to be able to use this credential, select the _Make this a global credential_ option. Otherwise, you can configure access on a per-organization basis.
1. Verify and save the credential. Note that if the URL provided is an internal IP address, verification is unsupported, but the credential can be saved and the integration will still be usable when run on an Explorer.

You're now ready to set up and activate the connection to bring in data from Dragos.

## Step 3: Choose how to configure the Dragos integration {#dragos-step3}
The Dragos integration can be configured as either a [scan probe or a connector task](integrations-inbound.md#integration-probe-connector). Scan probes gather data from integrations during scan tasks. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync.

## Step 4: Set up and activate the integration to sync data {#dragos-step4}
After you add your Dragos credential, you'll need to sync your data from Dragos.

### Step 4a: Configure the Dragos integration as a connector task {#dragos-step4a}
A connection requires you to specify a schedule and choose a site. The schedule determines when the sync occurs, and the site determines where any new Dragos-only assets are created.

1. Activate a connection to [Dragos](https://console.runzero.com/ingest/dragos). You can access all available third-party connections from the [integrations page](https://console.runzero.com/integrations), your [inventory](https://console.runzero.com/inventory), or the [tasks page](https://console.runzero.com/tasks).
1. Choose the credentials you added earlier. If you don't see the credentials listed, make sure the credentials have access to the organization you are currently in.
1. Enter a name for the task, like `Dragos Sync` (optional).
1. Enter a description for the task (optional).
1. Choose the Explorer to perform this connector task from (optional).
1. Choose the site you want to add your assets to. All newly discovered assets will be stored in this site.
1. If you want to exclude assets that have not been scanned by runZero from your integration import, select the **Exclude assets that cannot be merged into an existing asset** option. By default, the integration will include assets that have not been scanned by runZero.
1. If you want to skip importing vulnerabilities detected on Dragos assets, select the **Disable importing vulnerabilities from the Dragos inventory** option. By default, the integration will import both assets and vulnerabilities.
1. Choose the combination of **Priorities**, **Severities**, **Tags**, and **Subnets** criteria to filter assets by. These criteria correspond to the available filter criteria within Dragos.
1. Schedule the sync. A sync can be set to run on a recurring schedule or run once. The schedule will start on the date and time you have set.
1. Activate the connection when you are done. The sync will run on the defined schedule. You can always check the [Scheduled tasks](https://console.runzero.com/tasks) to see when the next sync will occur.

### Step 4b: Configure the Dragos integration as a scan probe {#dragos-step4b}
You can run the Dragos integration as a scan probe so that the runZero Explorer will pull your Dragos assets into the runZero Console.

In a new or existing scan configuration:
* Ensure that the _DRAGOS_ option is set to _Yes_ in the _Probes and SNMP_ tab and change any of the default options if needed.
* Set the correct _DRAGOS_ credential to _Yes_ in the _Credentials_ tab.

## Step 5: View Dragos assets {#dragos-step5}

After a successful sync, you can [go to your inventory](https://console.runzero.com/inventory) to view your Dragos assets. These assets will have a Dragos icon listed in the **Source** column.

To filter by Dragos assets, consider running the following queries:

* [View all Dragos assets](https://console.runzero.com/inventory?search=source%3Adragos):
    ```
     source:Dragos
    ```

Click into each asset to see its individual attributes. runZero will show you the attributes gathered from Dragos.