Cisco Stealthwatch: Security Analytics Services without upfront cost or riskContributors: Bryan Doerr
As cybersecurity becomes more complex and demand grows for knowledgeable security staff, organizations will look for more ways to maximize their security budgets. One way to do so is to outsource security functions to a service provider. According to the Cisco 2018 Annual Cybersecurity Report, 49 percent of security practitioners said they outsourced monitoring services in 2017, up from 44 percent in 2015. In addition, the Global Managed Security Services Market has a projected compound annual growth rate of 14.5 percent through 2022, reaching US $45 billion.
To take advantage of these trends, managed security service providers (MSSPs) need to differentiate themselves by providing complete, effective, and accurate security services that take advantage of customer scale to offer lower prices. Cisco Stealthwatch was built to give network and security providers a powerful security analytics capability focused on threat detection that is effective, easy to use, easy to deploy, and most importantly, requires little or no upfront capital expenditures.
Here are a few reasons to try Cisco Stealthwatch today.
Cisco Stealthwatch is a cloud-hosted, software-as-a-service solution. Accordingly, the upfront risk of a large capital purchase and the long-term overhead associated with maintenance capacity planning, monitoring, and patching is avoided. It works by deploying a lightweight software sensor that collects network telemetry, or in the case of public cloud infrastructure, by collecting telemetry via APIs. This telemetry is then encrypted and sent to the Stealthwatch backend for processing and analysis. Because Stealthwatch is cloud-based, new features and capabilities are added automatically, so the value experienced by the service provider and their customers continues to grow over time.
Centrally managed and full APIs
Stealthwatch supports multitenancy and provides a service provider portal. This allows MSSPs to keep an eye on all of their clients from a single location, and quickly act on alerts no matter where they occur. In addition, full APIs allow you to easily integrate Stealthwatch into your existing workflows and tools.
Low-noise, high-fidelity threat detection
Security teams are inundated with too many alerts. Only 53 percent of security alerts are investigated, and of those, only 34 percent of alerts are legitimate security events. For MSSPs this problem is even more relevant because they have to protect many client networks, and time wasted on false alerts has serious costs both in expenditures and in reduced security effectiveness.
Stealthwatch strives to request attention from security staff only when it is relevant. Whenever an alert is closed, we ask our customer if the alert was “helpful.” To date, 95 percent of Stealthwatch alerts are rated helpful by our customers.
Post-paid, consumptive licensing model
Stealthwatch is part of the Cisco Service Provider License Agreement (SPLA) and is priced based on how much of the service you actually use. This month-to-month, post-paid, utility-based licensing model, allows MSSPs to enjoy all the benefits of an easy-to-deploy and agile threat detection and monitoring solution without up-front purchases. In addition, as aggregate customer volume grows, unit costs decrease providing increased margin opportunities.
Want to learn more about how Cisco Stealthwatch can help you offer easy to use, effective threat detection services with no capital expenditures? Read the Automated Threat Detection for the Managed Services Provider At-a-Glance.
Also check out our Cloud-based security tailored for managed security service providers here.
Want to try Stealthwatch today? Sign up for a free, 60-day trial here. MSSPs welcome!