Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



New Data Sharing Platform Serves as Early Warning System for OT Security Threats

Several OT cybersecurity firms have teamed up to create an information sharing platform designed to serve as an early warning system for critical infrastructure.

Several cybersecurity companies specializing in industrial control systems (ICS) and other operational technology (OT) have teamed up to create an open source information sharing platform that is designed to serve as an early warning system for critical infrastructure.

The new project, named ETHOS (Emerging THreat Open Sharing), is a vendor-agnostic technology platform for sharing threat information anonymously and in real time across various industries. 

The shared information includes indicators of compromise (IoCs) such as IP addresses, hashes, and domains, which can be useful to defenders for detecting new threats. 

“A real-time, open-source solution that functions almost like a hotline to correlate information from multiple security vendors to identify anomalous behaviors is the most feasible concept for reducing threat actor dwell time and discovering incidents during the reconnaissance phase of potential attacks,” the project’s initiators explained. “The goal for ETHOS is to uncover emerging threats for which there is no threat intelligence available.”

ETHOS currently has a beta API that provides data sharing functionality, and a server is in development. 

Organizations participating in the project can act as clients and/or host their own server to compare the information that is shared. ETHOS founding members pointed out that the project is not a shared proprietary threat intelligence feed and its goal is to complement existing information sharing platforms.

ETHOS is designed specifically for OT/ICS, but the API can be used by any type of cybersecurity solution.

Advertisement. Scroll to continue reading.

Founding ETHOS members include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security. 

General membership applications will be available in June 2023. Any individual, organization or security vendor can contribute to the project.

Related: Swimlane Launches Security Automation Ecosystem for OT

Related: US Electric Cooperative Association Launches Commercial OT Security Solution

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.