Some combinations, like chocolate and peanut butter, can make both things — even if they’re good on their own — better. Since 2022, when Broadcom announced its intention to acquire VMware, there’s been a lot of speculation and uncertainty on what the result of this merger would be. We’ve previously shared our perspectives on this merger pre– and post-acquisition. Based on Broadcom’s acquisition track record with CA, Inc. and Symantec in 2018 and 2019 respectively, there’s been a lot of “What the heck is going on around here?!” since the Broadcom/VMware deal went through. The pricing clashes that came with CA and Symantec hit infrastructure customers, and they are not universally happy with the result.

Plans for the VMware acquisition are now coming into perspective. The VMware End-User Computing business was sold off in late February to private equity firm KKR. This is going to disrupt the virtual desktop infrastructure (VDI) and unified endpoint management (UEM) markets, especially after what Citrix customers experienced after Citrix was acquired by Vista Equity Partners and Evergreen Coast Capital. Carbon Black was the last piece of the puzzle, and it’s looked like a hot potato since the acquisition, leaving customers wondering what’s happening with the solutions they’ve deployed and rely on.

The next outstanding question was, “What is Broadcom going to do with VMware’s Carbon Black business unit?” Now we know the answer. Broadcom announced last week that it will retain the Carbon Black cybersecurity unit and integrate the Carbon Black products with the equivalent Symantec product lines into the Enterprise Security Group.

How Will The Symantec-Carbon Black Combo Work?

There are some future benefits to this combination in the endpoint security space. Symantec Endpoint Security Complete was a Strong Performer for endpoint protection in The Forrester Wave™: Endpoint Security, Q4 2023, and Carbon Black Cloud emerged as a Strong Performer in The Forrester Wave™: Endpoint Detection And Response Providers, Q2 2022. Successfully combining these two solutions can give customers a complete solution that fulfills the detect, prevent, and respond layers on the endpoint.

Some work is needed to advance the endpoint detection and response (EDR)/extended detection and response (XDR) platform to security analysts’ requirements of 2024, but this is an easier area of work for integration and innovation than the rest of Broadcom’s security offerings. Organizations currently using any of these endpoint solutions should keep in close contact with their account teams to assess the future planned Symantec/Carbon Black roadmap.

How Does This Work With The Rest Of The Broadcom Stack?

The questions mount when we look at integrations with the rest of the Broadcom stack. Both Carbon Black and Symantec have Zero Trust platforms with potential for integration, but each offering on its own needs innovation to be more competitive, so what’s the path forward here? What stays, what goes, and what’s the vision? For everything else from the Symantec side, the clouds get thicker on how these offerings come together, because as of now, Carbon Black doesn’t have anything in these spaces.

For identity and access management, could it spur collaboration to advance threat detection and response and move the platform toward identity threat detection and response? This is a solution that had a weaker vision than other providers in The Forrester Wave™: Privileged Identity Management, Q4 2023, and will need some new life to make it competitive by itself, nevermind integrating.

With data security platforms, Symantec has a strong data loss prevention offering, but the vendor is weaker in other areas such as data insight or structured data controls. What can the Carbon Black team bring to this platform beyond adding more context to alerts within XDR? It will take work from the combined product teams to bring this offering ahead to meet the challenges of securing data in the hybrid enterprise.

The same thoughts apply to the email security offering from Symantec, as it has its strengths, but it’s lagging behind the competition. It needs focused development to meet customer needs and bring it up to date.

For customers of these product sets, vision and roadmap Q&A discussions are going to be pivotal here for Broadcom to minimize client attrition.

Like the candy aisle at your favorite store, the cybersecurity space is currently quite crowded. It’s a good thing that Carbon Black isn’t going to operate independently, especially as buyers shift toward integrated platform solutions for much of their security stack.

It’s going to require a lot of time and effort, however, for Broadcom to integrate Carbon Black into Symantec and deliver something cohesive that brings value to customers. Given the crowded nature of the cybersecurity space, good execution is essential, as any misstep will cause the products to fall further behind competitors and drive current merger-weary customers to adopt solutions from other vendors.

Forrester clients can schedule an inquiry or guidance session to discuss the future of Broadcom’s security offerings and what you should do if your security stack is dependent on any of these solutions.