Broadcom XDR Aids Understaffed SOC Teams

Summary
– Broadcom launched Symantec CBX, a unified, cloud-based XDR platform integrating Symantec and Carbon Black security technologies.
– The platform specifically targets resource-constrained organizations facing advanced threats but lacking complex security infrastructure and large Security Operations Centers.
– CBX combines Symantec’s prevention, data security, and cloud capabilities with Carbon Black’s endpoint detection and response for visibility across endpoints, networks, and data.
– It uses AI to correlate security signals into high-confidence incidents, speeding up investigations and providing a single interface to trace attacker activity.
– The platform includes features like Adaptive Protection to block living-off-the-land attacks and AI-powered guidance to predict attacker moves and assist analysts.

A new cloud platform from Broadcom is designed to empower security teams that are stretched thin. The solution, Symantec CBX, unifies the company’s Symantec and Carbon Black technologies into a single extended detection and response (XDR) offering. It specifically targets a critical market gap: organizations confronting enterprise-grade threats without the budget or staffing for a traditional, complex security operations center.
The modern threat landscape no longer spares smaller or mid-sized organizations. They face the same advanced persistent threats and sophisticated adversaries as larger enterprises, yet often struggle with costly point solutions and a chronic cybersecurity skills shortage. This combination leaves them vulnerable and unable to effectively counter attacks. Symantec CBX aims to bridge this gap by integrating proven capabilities into a unified, cloud-native service.
The platform merges Symantec’s strengths in robust prevention, data security, and cloud secure web gateway (SWG) with Carbon Black’s industry-leading endpoint detection and response (EDR) technology. This fusion delivers deep visibility, superior threat detection, and rapid response across an organization’s entire digital environment. For the first time, resource-constrained teams can access premium security protections, from advanced web filtering to world-class data security, in a practical and manageable format.
“Organizations of all sizes are facing increasingly sophisticated threats, but many security teams are still challenged by limited resources,” noted Feris Rifai, President of Leap, a TD SYNNEX company. “Combining our scale with solutions like Symantec CBX helps expand access to advanced capabilities in a way that is practical and approachable for our customers.”
The platform’s core advantage is its ability to correlate security signals across endpoints, networks, data, and cloud assets. Instead of generating a flood of isolated alerts, CBX uses intelligent automation to link related events into high-confidence incidents. This allows analysts to move swiftly from alert to investigation, dramatically accelerating response times.
Key capabilities of Symantec CBX enable security professionals to:
– Unlock advanced protection previously reserved for large enterprises, including secure web gateway filtering and sensitive data scanning, without requiring dedicated teams or complex custom implementations.
– Speed up investigations and response through AI-driven correlation that automatically builds a narrative of an attack, showing the complete sequence of events across different systems.
– Gain unified visibility via a single interface called Threat Tracer. Analysts can visually trace an attacker’s full workflow to understand the initial entry point, lateral movement, and final data exfiltration.
– Proactively block living-off-the-land attacks using Symantec Adaptive Protection, which detects and can automatically halt the anomalous use of legitimate system tools that attackers exploit.
– Leverage AI-powered guidance for faster, more informed decisions. The platform includes breakthrough Incident Prediction technology that forecasts an attacker’s likely next moves, allowing teams to cut off attacks preemptively. A built-in AI Security Assistant, trained on vast threat intelligence, helps analysts classify threats and surface remediation steps.
– Upskill team members with contextual insights. With the majority of incident flags now accompanied by AI-generated recommendations and comprehensive summaries, even junior analysts can quickly grasp the scope and implications of security events, making every team member more effective.
“This announcement marks a major milestone as we unite the strengths of Symantec and Carbon Black into a single, robust solution,” said Jason Rolleston, VP and GM of Broadcom’s Enterprise Security Group. “CBX empowers organizations of all sizes with advanced, yet intuitive capabilities to tackle modern threats with confidence. It extends enterprise-grade protection to organizations that can no longer rely on security through obscurity.”
(Source: Help Net Security)


