top of page

Cisco StealthWatch 


Scalable visibility and security analytics across your business


“Cisco Stealthwatch has helped us gain visibility into the internal traffic by 100% which has resulted in the identification of threats that were extremely difficult to detect previously.”

IT Architect, Large Enterprise
Industrial Manufacturing Company

Have you been compromised? How would you know?

You have already invested heavily in the IT infrastructure and security for your organization. Yet, attacks are getting through and hostile internal actors operate with impunity. Moreover, it takes months or even years to detect threats. This lack of threat visibility is a function of growing network complexity as well as constantly evolving attacks. And security teams, with their limited resources and disjointed tools, can only do so much. How do you know if your current security controls are working, managed, and configured properly? And how do you know these tools are doing the job that you need them to do?

The solution: Network + Security

Network packet metadata can provide useful insights about who is connecting to the organization and what they are up to. Everything touches the network, so these insights can extend from the HQ to the branch, public cloud and private data centers, roaming users, and even Internet of Things (IoT). Analyzing this data can help detect threats that may have found a way to bypass your existing controls, before they are able to have a major impact. It can also detect questionable behavior undertaken by hostile insiders. And, importantly, properly functioning analytics can lessen the burden on your security team and provide them with more opportunity to concentrate on high probability threats. This approach to advanced threat detection is:


Effective security is dependent on the ability to see everything in your network

About DNS Security

Know every host. See every conversation. Understand what is normal. Be alerted to change. Respond to threats quickly. 


Continuously monitor and detect
advanced threats that have either bypassed existing security controls or originate from within


Focus on critical incidents, not noise

with contextual, high-fidelity alarms prioritized by threat severity

Respond quickly and effectively
with complete knowledge of threat activity, network audit trails for forensic investigations, and integrations with existing security controls

Leverage existing investments
into the IT infrastructure and use the rich network telemetry for better security

Scale security with growing business needs
whether you are adding a new branch or a data center, moving workloads to the cloud, or simply adding more devices


Ensure compliance

with policy violation alarms that can be tuned to the business logic


Secure your cloud in Microsoft Azure

Reduce costs and complexity while securing your cloud environment in Azure.


A new approach to AWS security

Dynamic environments such as Amazon Web Services (AWS) need a rethinking of security.


Security for Google Cloud

In as little as 10 minutes, secure your Google Cloud Platform environments

Umbrella Message

Contextual network-wide visibility

Stealthwatch provides agent-less enterprise-wide visibility, across on-premises, as well as in all public cloud environments. With knowledge of who is on the network and what they are doing, it also helps organizations to implement smarter segmentation customized to the business logic. And it provides actionable intelligence enriched with context such as user, device, location, time-stamp, application, etc.

Predictive threat analytics

Stealthwatch uses a pipeline of analytical techniques to detect advanced threats before they can turn into a breach. Using network behavior analysis, it can pinpoint anomalies, which are further analyzed using a combination of supervised and unsupervised machine learning for high-fidelity threat detection. This allows your security team to focus on the most critical threats. The Stealthwatch security analytics engine is also powered by the industry-leading Cisco Talos threat intelligence, that has the most up-to-date information for local-to-global threat correlation. 

Automated detection and response

The combination of this context-driven enterprise-wide visibility and the application of advanced analytical techniques helps organizations to detect threats like unknown or encrypted malware, insider threats, policy violations, anything that “hits the wire”. Security teams can see alarms that are prioritized by threat severity, and have additional information to take actions easily. Stealthwatch also has the capability to store telemetry at scale, and provides network audit trails for forensic investigations into past events and for compliance monitoring. Finally, it integrates with your existing security controls in order to respond to the threat, without any business shutdown.

Sample use cases

bottom of page