One of our customers works in the public sector for the Saudi government, and we proposed a subscription model for the Threat Grid solution. I think we had a POC before, and the customer liked the concept of Threat Grid. He already had security infrastructure from Cisco, and this would be a seamless integration between Cisco products and with the Cisco Threat Grid. So the use case would be the smooth integration between Cisco security products and Threat Grid.

Our primary use case is to use it to identify unknown files. It checks to see if it's a malicious file or a clean file because this is a sandboxing solution which is why it's used on-prem. They don't want to share their own files to the cloud so they use it on their own prem-solutions. It checks even static or dynamic checking to see if it's clean or it's malicious then it makes a verdict. 

The solution is used for endpoint security.