VIAVI advances NetSecOps with unified threat forensics and retrospective analysis

VIAVI Solutions has announced its Observer Threat Forensics solution with an advanced retrospective analysis capability.

The industry is shifting away from siloed network and security operations teams to a converged NetSecOps structure to close critical gaps in incident responses and strengthen resilience. Designed to increase visibility across operational teams, Observer Threat Forensics helps organizations identify potential vulnerabilities including post-detection analyses of a breach, the intrusion point and the exposed data.

Observer Threat Forensics is built on VIAVI’s heritage in network operation management, combined with secure network infrastructure and threat intelligence powered by CrowdStrike. It brings together packet insights, flow data and log telemetry into a unified NetSecOps workflow, as well as retrospective forensic capability. Additionally, the platform unites site, application, network and UC views into a simple, easy-to-read user dashboard that gives a complete view of the organization’s end-user experience, as well as performance issues and their root causes.

In the State of the Network study from VIAVI, 79% of the 750 responding CIOs and CISOs wanted convergence, believing the existing siloed model was ill-suited to modern networks and lacked key visibility, which could introduce risk. However, just 27 percent of the organizations surveyed have started to make the move.

“That two-thirds of those wanting to switch still have not done so highlights the challenges organizations face when transitioning to a converged operational framework,” said Chris Labac, VP and GM, Network Performance and Threat Solutions, VIAVI.

“VIAVI’s Observer Threat Forensics leverages common datasets already collected for our network performance monitoring platform. Because the network traffic, enriched flow data, and metadata are already there, NetOps and SecOps can use the same data to gain performance insights and investigate security threats. We’ve built in an advanced array of NetSecOps functions that together give better awareness of the situation across the entire enterprise, eliminate noise and close the data gaps,” Labac continued.

“Security and network teams can no longer operate in silos – because adversaries don’t,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “By integrating CrowdStrike’s real-time adversary intelligence into VIAVI’s deep network visibility, organizations gain the context they need to quickly investigate incidents, understand impact and stop breaches across domains. Together, we’re helping customers unify NetSecOps workflows with the adversary intelligence required to outpace modern threats.”