More intelligent security based on dynamic models
that get smarter over time

Observable Networks How it Works

StealthWatch Cloud's endpoint modeling service provides vital – actionable – security intelligence regarding your network endpoints. With this insight, you have an important baseline of “normal” behavior related to:
  • Device roles and patterns of communication
  • Device access and data movement
  • Network activities based on past behavior, similar devices, and the rules of the network
  • When any device behavior deviates from normal


Delivery methods that work for you

For many companies, advanced network security is difficult to attain and maintain. First, companies must dedicate significant, often excessive, amounts of employees’ time. They must also invest valuable time and budget to constantly purchase tools and hire IT and security personnel to maintain and use them. 

Now imagine powerful network security, delivered as a SaaS solution. With cost-effective monthly or annual subscription plans – and no hardware or software to install and support – we make it easy to access, use, and trust our endpoint modeling service.

All to give you unobstructed visibility into the behavior of all of your endpoint devices – and the critical advantage to improve security.

Profiles, roles, and algorithms

Our models address and analyze five key dimensions of device behavior. Each dimension is built on our robust proprietary catalog of device profiles, roles, and security algorithms. 
  • PROFILES: Device profiles are network flow-level labels recognized by port, traffic, and destination IP.  Device profile names are given to a behavior associated with a software application or service, such as a streaming media client. Device profiles are important to consider when identifying a device’s role.
  • ROLES: Device roles are combinations of device profiles that represent more complex network devices. A device role is a high-level category for a connected device, such as a printer, domain controller, or medical imaging server. Devices on enterprise networks typically fulfill one or more device roles.
  • ALGORITHMS: Security algorithms are modeling and anomaly-detection techniques based on statistical, state-based, rule-based, and learning theories that quickly identify events that deviate from expected behavior. These events can be normal, new, or potentially malicious.

Focus on what matters most

Your ability to acutely understand normal endpoint behaviors is key to rapidly identifying compromised endpoints in your network. Your ability to significantly reduce and confidently prioritize your security actions is critical to enabling a faster and more efficient incident response capability.

Our experts work with your team throughout your service engagement, starting with your free trial. We offer free customer support to assist in the installation of the virtual appliance, the collection of meta data, the tuning of endpoint models, and alert workflow and notification. And most importantly, when you’re up and running, your team won't be swamped with false positive alerts, and will regain valuable time to resolve the issues that matter most.

What do you get as an Stealthwatch Cloud customer?

Observable Services Overview

Stealthwatch Cloud’s endpoint modeling service include:
  • Deeper security intelligence
  • Cloud platform
  • Managed services agility
  • Software-as-a-Service subscription
  • and many more

Sign up for a free trial now to see how your security will never be the same.