Broadcom has announced the launch of Symantec CBX (Carbon Black XDR), a cloud-based security platform that merges technologies from its enterprise cybersecurity solutions, Symantec and Carbon Black.
The platform is designed to address the requirements of organisations that do not have fully resourced Security Operations Centres (SOCs) but are exposed to advanced cyber threats.
Go deeper with GlobalData
Access deeper industry intelligence
Experience unmatched clarity with a single platform that combines unique data, AI, and human expertise.
Broadcom describes Symantec CBX as a unified solution for enterprises with limited security staff and budgets, aiming to provide them with protection capabilities typically reserved for larger organisations.
Symantec CBX integrates Symantec’s prevention, adaptive protection, data security, cloud secure web gateway (SWG), and incident prediction features with Carbon Black’s endpoint detection and response (EDR) technology. This combination is intended to deliver threat detection, incident response, and visibility across endpoints, networks, and data environments.
The platform operates in the cloud, enabling deployment without the need for extensive on-premises infrastructure or dedicated teams.
Broadcom states that organisations previously considered less likely targets are now facing persistent threats from sophisticated attackers, including those employing nation-state tactics. Many such organisations lack access to advanced defence tools due to resource constraints and the complexity of existing solutions.
The company claims that Symantec CBX addresses these challenges by consolidating multiple security functions into a single interface and workflow.
Broadcom vice president and enterprise security group general manager Jason Rolleston said: “CBX empowers organisations of all sizes with the advanced, yet intuitive capabilities to tackle modern threats with confidence and efficiency through industry-first technologies and intelligent automation.
“The platform extends enterprise-grade protection and real-time insights to organisations that have historically been under-resourced and can no longer rely on security through obscurity.”
Symantec CBX’s Threat Tracer interface provides analysts with integrated visibility across attack surfaces including endpoint, network, email, and cloud.
The platform uses AI to correlate signals from these sources, linking related security events into high-confidence incidents. This approach is designed to reduce alert fatigue and enable SOC analysts to move directly from detection to investigation and response.
The platform incorporates Symantec Adaptive Protection, which detects and can automatically block anomalous use of legitimate software, a common method used in Living-Off-The-Land (LOTL) attacks. According to Broadcom, this feature allows security teams to identify and mitigate attacks that leverage built-in system tools rather than external malware.
Incident prediction is said to be another key component of Symantec CBX.
The platform uses AI-driven analytics to forecast an attacker’s potential next steps during an ongoing incident. These predictions are intended to help security teams pre-empt further malicious activity by shutting down attack paths before they can be exploited.
The system also generates recommendations for incident response based on these forecasts.
SymantecAI Security Assistant is included within Symantec CBX to support analysts during investigations. Drawing on threat intelligence, analytics, telemetry, and documentation, the assistant helps classify attackers, match ransomware tactics, techniques and procedures (TTPs), and surface remediation guidance.
Symantec CBX also features incident summaries derived from Symantec’s threat intelligence resources. These summaries are intended to help analysts understand the context and implications of each incident more efficiently.
By automating aspects of investigation and reporting, Broadcom aims to reduce the workload on SOC teams while maintaining situational awareness.
The company plans to make Symantec CBX available later this year through its Enterprise Security Group Catalyst Partner Programme.
In a separate development last week, Broadcom announced it has begun shipping Emulex SecureHBA, an end-to-end Post-Quantum Cryptography (PQC)-safe in-flight network encryption solution.
Emulex SecureHBA enables encryption of all in-flight data across Fibre Channel networks using PQC-safe encryption methods. The solution is designed to protect data transfers from application servers to storage against “harvest now, decrypt later” (HNDL) attacks.
Alongside Emulex SecureHBA, Broadcom introduced Emulex SAN Manager 3.0 Podman-based software solution. This tool adds security compliance reporting capabilities and allows administrators to identify and manage encrypted ports throughout the Fibre Channel environment. The software aims to simplify compliance with standards such as CNSA 2.0 and NIS2/DORA by streamlining reporting and data classification processes.
On the financial front, Broadcom released its results for the first quarter of fiscal year 2026 earlier this month. For the quarter ending 1 February 2026, the company reported revenue of $19.31bn, a 29% increase compared with the same period last year.
GAAP net income for the quarter was $7.35bn while non-GAAP net income reached $10.2bn. Broadcom provided revenue guidance of approximately $22bn for the second quarter of fiscal year 2026, an expected increase of 47% over the prior year period.
