I have used Stealthwatch Cloud in the insurance sector for what we call the software mapping and automating it with other systems to have a level of visibility. Additionally, we use it for incidents response, forensic analysis, and segmentation of the IT architecture.
Cisco Stealthwatch Cloud is typically on the cloud because most of the companies choose it. However, for the government sector, I've used it on-premise, which is the Central Bank of Kenya.
One of my clients Cisco Stealthwatch Cloud wanted to map their IT architecture and have visibility. Additionally, they wanted to do API integration with the next-generation firewalls with IPA's and the cross integration with the antivirus, digital forensic discovery solution that they have within the bank. They wanted to see, how they would automate the IT architecture using Cisco Stealthwatch Cloud.
In case there is a threat the client needs to do automated incident response, and the solution can act on its own. We do a few tests which are very vital, such as formulated policies. We can see what is on the document, on the ground, and how the policy affects the whole IT architecture. We did those kinds of tests and it went live by automating Cisco Stealthwatch Cloud with a cloud solution and other solutions that they had. We were able to prevent an electric fraud of almost $200,000.