One of my clients is an inpatient rehab facility, where people were bringing their habits and behaviors from the street. We got a notice from our ISP that two of our campuses were violating copyright. We used Sandbox Analyzer to identify the dynamic IP address and MAC ID, which we used to identify the individual. We found BitTorrent on their laptop and sequestered it. We contacted our ISP and avoided the threat of disconnect.

I've deployed Sandbox Analyzer at a single company with 2,200 individual users. It's a large restaurant chain with a lot of temps and high attrition, which is absolutely the worst for security because none of them bother to pay attention to security awareness. You've got to defend the network, the back end, the back office and you've every workstation. The more secure something is, the less convenient it is. They want convenience in retail and restaurant service. They locked out of all sorts of things to get to the shortest possible transaction.

We are providing Bitdefender to customers. It is for threat defense. 

We are using its latest version. It is deployed on-prem, but they have both deployment models. They support on-prem and cloud deployments. 

The solution is useful in the event of a gray file or grayware, as there are certain files users may download of which we know little about. The sandbox can then answer the question if the file is good, white or black, or a gray file or grayware.