Cisco Systems
Cloud Based Contextual Threat Detection and Security Monitoring
Public Cloud Monitoring (PCM) is cloud based contextual threat detection and security monitoring for public cloud networks. PCM provides security monitoring and visualization services for public cloud infrastructure using advanced modeling & machine learning techniques. Our service learns normal behavior for a resource or a user. When a behavior change is observed that should be investigated, Stealthwatch Cloud will generate an alert with various details.
Automated monitoring and visibility. Stealthwatch Cloud provides visibility to every networked asset and user. Machine learning and modeling algorithms lead to a deeper understanding of normal activity while providing automatic threat detection.
Extremely Low noise. Stealthwatch Cloud's unique dynamic learning of your asset's behavior means that only meaningful alerts are generated. Customers have historically rated 90% + of Stealthwatch Cloud's alerts as "helpful".
PCM consumes Google’s VPC flow logs and models all IP traffic generated by your resources, both inside the VPC and to external IP addresses. New Remote Access, Geographic Unusual Remote Access, Excessive Access Attempts and Potential Database Exfiltration are examples of Stealthwatch Cloud alerts. In addition, network reports like top IPs, top ports, active subnets with traffic statistics, etc, are available.
Example alerts generated by PCM are:
In addition, network reports like top IPs, top ports, active subnets with traffic statistics, etc. are available.
A free 60 Day TrialManaged services are billed by the partner and hosted on or integrated with Google Cloud. These services are managed and supported by third-party service providers. You will register with the service provider to use the service and will receive a separate bill from the partner.
Pricing
Priced as either meter based or by a fixed monthly amount as a contract.
Meter based pricing is based on the amount of EMF we process each month.
Tier based pricing is based on the amount of EMF we process each month with options for monthly, one, three or five year commits.
Usage is based on the amount of flow log information that is sent and processed each month. The billable metric is referred to as Effective Mega Flows and equates to roughly one million lines of processed log data. Available as either a metered metric or via a contract that allows the subscriber to convert to a fixed EMF volume at a fixed price and duration. Support is included.
Additional Resources
Stealthwatch Cloud At-a-Glance Document
Stealthwatch Cloud Product Video
Stealthwatch Cloud Data Sheet
Case Study AFGE Gains Complete Visibility into Public Cloud Traffic with Stealthwatch Cloud
Securing Public Cloud Workloads Workload Protection Checklist
Google Cloud Console has failed to load JavaScript sources from www.gstatic.com.
Possible reasons are: