Evaluating Symantec, now a division of Broadcom, requires looking beyond its heritage as a household antivirus name. Today, it is an enterprise-heavy powerhouse focused on Integrated Cyber Defense for large-scale security operations.

Market Position & Core Ecosystem

Evaluating Symantec today requires looking past its legacy branding. The company is no longer the independent giant it once was; it is now the enterprise security division of semiconductor titan Broadcom. This evaluation explores Symantec’s current technological standing, the impact of its acquisition, and its viability as a security partner for modern enterprises.

| Issue | Detail |
|-------|--------|
| | Broadcom’s classic “raise prices, cut R&D, reduce support” strategy → many long-term customers are migrating. |
| Lagging in XDR | No unified XDR platform like CrowdStrike or Microsoft 365 Defender; EDR/NDR/SIEM remain loosely coupled. |
| SOAR is weak | Symantec’s automation (Playbook Designer) is basic compared to Palo Alto Cortex XSOAR or Splunk SOAR. |
| Cloud-native support | AWS/Azure protection is agent-based and less mature than competitors (e.g., Wiz, Lacework). |
| UI complexity | Multiple consoles: SES, ICD Manager, WSS portal, Email.cloud – no single pane of glass for SOC. |
| High false positives | Legacy signature + ML overlap creates alert fatigue; tuning requires heavy onboarding effort. |
| Customer support decline | Post-2019, Broadcom moved support to low-cost regions → longer ticket resolution. |

Based on this evaluation, we rate Symantec's security operations as follows:

| Feature | Description |
|--------|-------------|
| | Global SOCs (US, Europe, Asia-Pacific) with multilingual analysts. |
| Endpoint Detection & Response (EDR) | Integrated with Symantec Endpoint Security (SES) – includes behavioral analysis, root cause investigation, automated playbooks. |
| Network Detection & Response (NDR) | Uses decryption + deep packet inspection (DPI) via Web Security Service (WSS) cloud proxy. |
| SIEM & Log Management | Can ingest logs into Broadcom’s Symantec Integrated Cyber Defense (ICD) Manager; also partners with Splunk, QRadar. |
| Threat Intelligence | Symantec DeepSight Intelligence (reputation, file, IP, domain intel) + Global Intelligence Network (from 175M+ endpoints). |
| Incident Response (IR) Retainer | On-site or remote IR team, breach containment, forensics, legal support. |
| Managed Detection & Response (MDR) | Full MDR covering endpoint, network, email, cloud (Office 365, G Suite, AWS, Azure). |
| Vulnerability Management | Integrated scanning via Symantec Vulnerability Management (from Skycure + Adaptiva). |
| Email Security | Symantec Email Security.cloud (anti-phishing, URL isolation, DLP). |
| Cloud SOC | Symantec Cloud Workload Protection (CWP) for AWS/Azure, container security. |