As many users already know; Cognitive Threat Analytics (CTA)was added as a feature in Stealthwatch version 6.9!
This new feature is available to all Stealthwatch users. There is no additional license required. The installation requirements are that your Flow Collector and Management Console have to be able to access the Internet; either direct or through the use of a non-SSL proxy.
The installation instructions can be found here: https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/cta/configuration/SW_6_9_1_Stealthwatch_and_CTA_Configur…
The addition of Cognitive Threat Analytics provides Stealthwatch users additional capabilities to detect and investigate anomalies and threats that cross the Internet trust boundary defined by inside and outside host groups. Only meta data from the Stealthwatch Flow collector database that describes connections that cross this trust boundary (in either direction) and similar DNS traffic will be sent to the Cognitive data center in the Cloud. Results obtained from Cognitive are sent to the SMC. All Cloud communications are secured via HTTPS.
For more information see also the latestCognitive Threat Analytics (CTA): Release Notes