Dragos launched EmberAI on June 23, putting a purpose-built AI assistant inside its operational technology security platform for teams that defend power grids, factories, water systems, pipelines, data centers, and other industrial environments.
The product is not pitched as a general chatbot for security analysts. Dragos says EmberAI is built on its Intelligence Fabric, a dataset drawn from more than a decade of operational technology incident response, adversary tracking, vulnerability research, asset and protocol analysis, and daily OT telemetry. The company says the system is generally available inside the Dragos Platform.
The timing is notable. Less than a week before the launch, Accenture announced a majority stake in Dragos as part of a larger industrial cybersecurity push that also included runZero and NetRise. EmberAI shows the product direction behind that market move: critical infrastructure security is becoming a fight over context, not just visibility.
Why OT security needs different AI
Industrial security teams already have plenty of alerts, asset lists, vulnerability feeds, advisories, firewall logs, and maintenance constraints. Their harder problem is deciding which signal matters to operations. A vulnerability on an office laptop and a vulnerability on a plant controller may look similar in a ticket queue, but the response options are not the same when a patch window depends on production schedules, safety approvals, or equipment that cannot be restarted casually.
That is the gap EmberAI is trying to address. Dragos says analysts can ask questions in plain language about assets, alerts, vulnerabilities, network activity, and threats in their own environment. The system then correlates that question against Dragos intelligence and local operational context so an analyst can see whether an exposure is tied to known OT attack behavior, which assets are affected, and what response path is most defensible.
On its product page, Dragos describes use cases such as querying assets by zone or software version, triaging vulnerabilities without relying only on raw CVSS scores, moving from an alert to affected assets and guided playbooks, and turning a breaking advisory into a more specific action plan. Those are practical OT workflows, not broad promises that AI will replace a security operations center.
The data behind EmberAI
The company says the Dragos Intelligence Fabric includes more than five petabytes of daily OT telemetry, more than 10 years of adversary tracking across named OT threat groups, proprietary vulnerability research from Dragos’s role as a CVE Numbering Authority, research spanning more than 600 OT protocols, and frontline incident response experience from critical infrastructure environments.
That matters because industrial defenders often need evidence that is narrower than ordinary enterprise security guidance. If an alert maps to a group known to target energy or manufacturing networks, the priority can change. If a controller is exposed but cannot be patched until a shutdown window, the better answer may be segmentation, compensating controls, remote-access review, or tighter monitoring rather than a standard software update plan.
SecurityWeek noted that EmberAI can provide information about likely actors, attack patterns, and behaviors, while Dragos is also building a library of OT skills based on repeatable workflows its own analysts use during investigations and response work. That skills library is not yet the main product story, but it points to where industrial AI tooling is headed: codified expert routines that less experienced analysts can run without pretending they have decades of control-system background.
The important constraint: keep humans in control
For OT environments, an AI recommendation can be more consequential than a faster summary. Bad guidance can create downtime, mask unsafe conditions, or push a team toward a response that is technically neat but operationally reckless. Dragos is leaning into that concern by saying EmberAI keeps the analyst in control, makes recommendations transparent and auditable, and operates inside the customer-controlled Dragos Platform deployment.
The data-handling claim is also central. Dragos says customer data does not leave the customer’s environment. For utilities, manufacturers, transportation operators, and data center owners, that assurance is not a minor privacy detail. Asset inventories, network paths, vulnerable equipment, and operational dependencies can reveal how a facility actually works. Feeding that context into an opaque, shared cloud model would be a hard sell for many critical infrastructure operators.
The launch also shows how security AI is splitting into domain-specific systems. Generic assistants can summarize advisories or draft incident notes, but OT security needs knowledge of PLCs, SCADA systems, industrial protocols, plant zones, maintenance windows, safety constraints, and adversary behavior that targets physical processes. The value of EmberAI will depend on whether it can make those distinctions reliably when analysts are under time pressure.
What buyers should watch
The most useful evaluation questions are concrete. Can EmberAI show why one vulnerability matters more than another in a specific plant or grid segment? Can it separate urgent threats from noise without burying analysts in confident but shallow answers? Can teams trace its recommendations back to evidence? Can it support incident reports that executives understand without hiding the technical basis for a decision?
Operational teams should also ask how EmberAI handles stale asset data, incomplete network visibility, sensitive facility information, and human approval gates. A tool that accelerates a good analyst can be valuable. A tool that lets an organization pretend it has solved the OT skills shortage would be dangerous.
EmberAI is still a vendor product with claims that need to be tested in real environments. But the direction is clear: AI in industrial cybersecurity is moving away from broad alert summarization and toward systems that understand assets, adversaries, vulnerabilities, and operational consequences together. In the control room, that context is the product.
