TechValidate Research on Cisco Stealthwatch

These pages present data that TechValidate has sourced via direct research with verified customers and users of Cisco Stealthwatch. TechValidate stands behind the authenticity of all published data. Learn more »

1,144 Customers Surveyed

9,259 Data Points Collected

370 Published TechFacts

50 Published Charts

65 Published Case Studies

Featured Research Collections for Cisco Stealthwatch

Curated collections and slideshows of TechValidate research data on Cisco Stealthwatch.

Selected Research Highlights

Stealthwatch Easy to Use and Deploy

Stealthwatch is easy to use for a small staff and deployment was simple.

Engineer, Medium Enterprise Media & Entertainment Company

Case Study: Experian


This case study of Experian is based on a November 2013 survey of Cisco Stealthwatch customers by TechValidate, a 3rd-party research service.

“Cisco Stealthwatch is a product that provides so much insight into what is really happening within your networks and gives the best blend of advance notice of problems combined with historic reporting using standard flow data. Couple this with outstanding support and sales/marketing teams with active collaboration with customers and it’s a winning solution.”


  • Purchased Cisco because it is differentiated from competitive products in the following areas:
    • 1:1 Flows
    • Advanced behavioral detection
    • Customer support
    • flow stitching and depth of information

Use Case

  • Is currently using Stealthwatch for:
    • Specialized threat analysis & protection
    • Network analysis & visibility
    • Advanced threat detection
    • Network performance monitoring & diagnostics
  • Uses Stealthwatch with:
    • SIEM
    • Firewalls
    • Full-packet capture system


  • The following are the greatest benefits of the internal visibility provided by Cisco Stealthwatch:
    • Earliest detection of advanced threats (APTs, malware, etc.)
    • Faster Incident response
    • Forensics
    • Monitors individual user activity & mobile devices
    • Continuous internal monitoring
    • Contextual & situational awareness
  • Agrees that Stealthwatch’s user/host-level information is critical for the following:
    • Security
    • Forensics
    • Network troubleshooting
  • Rated Stealthwatch’s effectiveness in the following areas:
    • detecting DDoS: effective
    • accelerating incident response and forensics: extremely effective
    • detecting advanced persistent threats: effective
    • detecting insider threats / Suspicious behavior: extremely effective
    • detecting malware / zero-day attacks: extremely effective
  • Saves hours per incident for determining Mean-Time-To-Identify threats and Mean-Time-To-Know root cause using Stealthwatch.
  • Rated how critical Cisco Stealthwatch is for the following:
    • Monitoring visibility: very critical
    • Improving security: Critical
    • Managing cyber security: Critical
    • Responding to cyber threats : very critical
  • Ranks Cisco’s customer support as excellent.

Stealthwatch applications are significant to educational institutes visibility & security.

How critical is Cisco’s Stealthwatch for:

Very Critical Critical Somewhat Critical Not Critical

Monitoring visibility
Improving security
Managing cyber security
Responding to cyber threats

Visibility and user information combine for second to none forensics

Cisco has allowed us for the first time to truly have visibility of what’s happening within our internal networks and see suspicious traffic as it develops, but it really excels with the integration of identity systems to provide second to none historical forensic data.

Senior IT Architect, Large Enterprise Financial Services Company

Cisco Stealthwatch Case Study

Horizon Blue Cross Blue Shield of NJ


This case study of Horizon Blue Cross Blue Shield of NJ is based on a September 2016 survey of Cisco Stealthwatch customers by TechValidate, a 3rd-party research service.

“Stealthwatch protects my previous investments by allowing me to do more with my existing security tools.”

“Stealthwatch has dramatically improved my organization’s security posture.”


The business challenges that led Horizon Blue Cross Blue Shield of NJ to evaluate and ultimately select Cisco Stealthwatch:

  • Uses Stealthwatch to gain visibility into the following:
    • Application usage
    • Virtualized infrastructure

Use Case

The key features and functionalities of Cisco Stealthwatch that the surveyed company uses:

  • Uses Stealthwatch for the following reasons:
    • Identify malware and APTs
    • Improve network performance
    • Proactively hunt for threats on the network
    • Prevent DDoS attacks
    • Enforce policy

Horizon Blue Cross Blue Shield of NJ has integrated Stealthwatch with the Identity Services Engine (ISE).


The surveyed company achieved the following results with Cisco Stealthwatch:

  • Uses Stealthwatch for the following reasons:
    • Improve security efficacy
    • Reduce enterprise risk
    • Maintain a competitive advantage
    • Protect intellectual property
    • Better serve customers/partners
    • Increase operational efficiency
    • Improve regulatory compliance
  • Uses Stealthwatch to enable the following:
    • Detect threats faster
    • Secure more areas of the network
    • Illuminate blind spots in the network
    • Reduce mean time to dwell on threats on the network
    • Accelerate incident response
    • Improve forensic investigations
    • Use the network as an enforcer
  • Rates their experience with Stealthwatch’s proposed benefits to be as follows:
    • Simple, easy to use: strongly agree
    • Open, easy to integrate: strongly agree
    • Automated, reduces manual work: strongly agree

Solving Operational Challenges

What types of operational challenges did the use of Stealthwatch by Cisco solve?

Reduction in Mean-Time-to-Know (MTTK) root cause of network or security incidents
Improved in network performance
Improved network security posture
Improved in application performance
Improved efficiency in the identification of security threats
Improved forensic analysis
Increased correlation of user identity and activity
Increased visibility of mobile devices
Increased flow collection, monitoring and analysis
Enhanced compliance posture

More to Explore

About Cisco Stealthwatch

With Cisco Stealthwatch, organizations can improve both network security and performance, and avoid the high costs associated with downtime, security breaches and other issues.

Cisco Stealthwatch Website   Cisco Website