Broadcom has introduced Symantec CBX, a new cloud-based XDR platform designed to deliver enterprise-level security capabilities to organizations that lack large security operations centers or extensive specialized teams. The announcement was made on March 23, 2026, at the start of RSA Conference 2026, marking the first direct integration of advanced Symantec and Carbon Black technologies within a single offering.
The company places the product in a very specific market segment: security teams and organizations that must defend against advanced threats but do not have the resources, time, or integration capacity typically required by more complex platforms. Broadcom claims that CBX combines prevention, detection, and response in a more unified and manageable experience, though its general availability is not immediate: the platform will be launched later this year through the group’s Catalyst Partner Program.
A New Attempt to Simplify Advanced Security
This move is not happening out of nowhere. Broadcom has been working to align the Symantec and Carbon Black portfolios for some time. In 2024, it unified both brands under its Enterprise Security Group and has since been developing a more integrated commercial and technical strategy around them. CBX now appears as the most visible expression of this roadmap: a platform that combines Symantec’s historical prevention, data security, and web filtering capabilities with Carbon Black’s traditional EDR and deep visibility features.
According to Broadcom, CBX integrates prevention, Adaptive Protection, Data Security, Cloud SWG, and Incident Prediction functions from Symantec with Carbon Black’s EDR technology, adding a layer of signal correlation across endpoints, network, cloud, identity, and data. The goal is to reduce the need for analysts to switch between multiple tools or interpret an avalanche of scattered alerts, instead working on already correlated incidents with more context. On paper, this promise addresses one of the major frustrations in the XDR market: transforming vast telemetry into less noise and greater operational capability.
Designed for Markets with Limited Personnel and High Pressure
The commercial opportunity behind the announcement is clear. Broadcom emphasizes that many medium, small, and even large organizations with lean security teams are already facing sophisticated attackers without fully mature SOCs. This approach aligns with findings from other industry studies. ISC²’s Cybersecurity Workforce Study 2025 reports that 33% of respondents said their organizations lacked sufficient resources to adequately staff security teams, and 29% couldn’t afford to hire personnel with the capabilities they truly needed. Additionally, 72% believe that reducing security staff significantly increases the risk of a breach.
In this context, Broadcom aims to sell CBX not as a “cut-down” platform but as a way to bring functions previously associated with more costly and complex deployments. Key capabilities include the Secure Web Gateway, sensitive data scanning, unified visibility with Threat Tracer, attack detection and blocking of Living-off-the-Land techniques through Adaptive Protection, and a security assistant trained with telemetry, threat intelligence, and documentation from Symantec. The company also states that 85% of incident flags come with recommendations based on incident prediction, which they present as evidence that automation can aid less experienced analysts as well.
AI, Prediction, and Integration: A Core Focus
One of the most striking aspects of the launch is Broadcom’s emphasis on Artificial Intelligence. CBX not only promises to correlate signals across different attack surfaces but also to anticipate the attacker’s next four or five moves using Incident Prediction. Additionally, SymantecAI Security Assistant aims to help classify attackers, relate ransomware tactics and techniques, and provide remediation guidance. It’s important to note that these functions are presented as competitive advantages, but their actual effectiveness in improving response capabilities without overreliance or undue trust in automated recommendations remains to be seen in real-world deployments.
The simplification also extends to the channel. Broadcom has confirmed that CBX will be sold through its Catalyst Partner Program, launched in 2024 to handle the sales, deployment, and support of Symantec and Carbon Black via a network of regional specialized partners. This decision indicates that the company does not intend to restrict this product to large accounts with mature internal teams but also to serve customers who depend more heavily on partners for deployment and operation of cybersecurity solutions. Broadcom previously introduced Catalyst as a way to bring advanced solutions to markets where proximity, local deployment, and support are as important as the technology itself.
More Than a New Product, a Strategic Signal
The launch of CBX should also be viewed as a strategic move by Broadcom at a sensitive time for its reputation in the European market, especially following the VMware controversy. In security, the company aims to project a different message: integration, portfolio continuity, and innovation capacity built on assets inherited from past acquisitions. Broadcom acquired Symantec’s Enterprise Security business for $10.7 billion in 2019, and Carbon Black later became part of its portfolio through the VMware acquisition. CBX represents, in practice, the first major realization of this convergence in a marketable product.
However, how it performs in the market remains to be seen. Broadcom has stated that current customers can easily migrate to CBX and that the product will be available later this year. Nevertheless, the company has not provided an exact release date or pricing details. This is a critical point, as much of the appeal depends on whether Broadcom can make a platform with enterprise ambitions genuinely affordable, easy to deploy, and useful for resource-constrained teams. If successful, CBX could find a substantial market; if not, it risks joining the long list of solutions that promise to simplify everything but end up requiring more integration and expertise than the customer initially had.
Frequently Asked Questions
What is Symantec CBX?
It is a new cloud-based XDR platform announced by Broadcom, bringing together Symantec and Carbon Black technologies to deliver prevention, detection, and response in a single solution tailored mainly for security teams with limited resources.
What technologies does CBX specifically combine?
Broadcom states that it integrates features from Symantec such as prevention, Adaptive Protection, Data Security, Cloud SWG, and Incident Prediction with Carbon Black’s EDR technology.
When will Symantec CBX be available?
Broadcom has announced that it will launch later in 2026 via the Catalyst Partner Program. An exact general availability date has not yet been specified.
Who is the target customer for CBX?
The platform is aimed at organizations that don’t have a large or highly specialized SOC but still require advanced threat protection capabilities against complex attacks.