Broadcom rolled out a unified cybersecurity platform Monday that promises to deliver enterprise-grade capabilities to underserved mid-market organizations. The company is leaning hard on the channel to spread the word and kickstart adoption of the Symantec CBX SaaS offering, which integrates technology from several major acquisitions, including VMware.
The cloud-based offering fuses two Broadcom-owned cybersecurity assets — the Carbon Black XDR endpoint detection and response tools and Symantec attack-prevention capabilities — into a single extended detection and response platform. The aim, according to Broadcom, is to turn up the heat on cyber attackers in a part of the market that has largely been left out in the cold by the industry.
“The platform extends enterprise-grade protection and real-time insights to organizations that have historically been under-resourced and can no longer rely on security through obscurity,” Jason Rolleston, VP and GM of Broadcom’s Enterprise Security Group, said in the announcement.
As threats proliferate and attackers add AI to their arsenal, the Enterprise Security Group is aiming to expand its reach beyond enterprise customers and into small businesses, midsize companies and the managed services providers that operate in that sphere.
“Let’s take this tech to the space that is most exposed,” Rolleston told Channel Dive. “These are companies that maybe haven’t seen themselves as targets. We want to push the selling as close to the customer as we can, which means putting it in the hands of the channel partners.”
The backstory
Rolleston came to Broadcom as part of the $61 billion VMware acquisition. Although largely overshadowed by the expansive and ubiquitous virtualization software package that was central to the deal, Carbon Black, an endpoint detection platform acquired by VMware in 2019, was part of the package.
With Carbon Black, change came gradually and less disruptively than upheavals on the VMware front.
Initially, the cybersecurity company functioned as an autonomous business unit within Broadcom. “For partners, we have exciting new initiatives to discuss that will continue our commitment to delivering differentiated solutions that create opportunities for all,” Rolleston wrote in a VMware security blog post when the deal was finalized.
A few months after the VMware deal closed, Broadcom brought together Symantec, a cybersecurity company acquired for $10.7 billion in 2019, and Carbon Black under the Enterprise Security Group umbrella. In mid-2024, the newly formed cybersecurity unit tweaked its channel program to divide distribution rights geographically among five large partners — TD Synnex, Arrow Electronics, MBCOM Technologies, Westcon-Comstor and Carahsoft Technology.
“We were taking the standard Broadcom strategy of focusing on the large players and letting the other part of the market operate by itself, but we knew we needed to do something different,” Rolleston told Channel Dive.
The big middle
The SMB market presents a sizable target both for cybersecurity threats and vendors. It’s also fertile ground for the channel.
The lion’s share of more than $300 billion cybersecurity spending — north of 90% — will flow through the channel this year, according to Matthew Ball, chief analyst at Omdia, a Channel Dive sister company. More than two-thirds of global organizations planned to increase cybersecurity investments in 2026, according to a December report by cybersecurity firm Marsh Risk.
The motivation isn’t hard to divine: 7 in 10 companies experienced a material third-party incident last year, Marsh found.
“The sad reality of cybersecurity is it's very much an ambulance chasing game,” Rolleston said. “If you don't have real threats hitting these markets, nobody's buying.”
As awareness spreads, budget constraints and technological limitations leave smaller businesses vulnerable.
“Mid-market companies aren't equipped with adequate cyber defenses, because it's just too expensive to build your own security operations center, team and all these other things that enterprise-level organizations can afford,” Feris Rifai, president of the TD Synnex data security subsidiary Leap Platform, told Channel Dive. “Even MSP partners don't want multiple endpoint products to contend with — it can be an expensive operation.”
Broadcom isn’t alone in its reading of market demand. Cybersecurity vendor WatchGuard is banking on its Unified Security platform and an army of more than 17,000 MSPs and resellers to drive revenue growth, and security giant Palo Alto Networks is pursuing a platform-based approach as well.
CrowdStrike, another big player in the space, saw annual recurring revenue surpass $5 billion during the three months ended Jan. 31. The company prioritized the CrowdStrike Falcon endpoint protection, detection and response platform and saw its managed security service provider business grow more than tenfold in three years, CEO George Kurtz said during an investor call earlier this month.
As competition for the vast midsection of the cybersecurity market mounted, Broadcom beefed up the Symantec platform last year with a twist on the generative AI strategy. Rather than feeding a foundation model with language, it trained it with over 500,000 attack chains.
The feature is designed to predict an attacker's next move, Rolleston said. “We can actually see things and say not just ‘This happened,’ but ‘Oh, they're probably going to do A or B next,’” he added.
Generative AI is also behind several capabilities embedded in the Symantec CBX release, which the company said will be available later this year through the Catalyst Partner Program.
“Carbon Black generates a lot of data,” Rolleston said. “But, if you wanted to search it, you had to know the query language. Now, you can just ask it what it knows about a threat and it will come back with a two- or three-page answer that you can give to your CEO.”
At the SMB level and even for many enterprises, simplification is the key to robust security.
“Where cybersecurity fails, it's usually not technology — it fails in execution,” Rifai said. “If you throw together all these point solutions, you create an operation bottleneck.”
With Symantec CBX, Broadcom aims to reduce those upfront integration headaches for both the customer and the partner, without sacrificing deterrence or incident response capabilities.
“You don't have to be faster than the bear if you’re a small company,” Rolleston said. “You just have to be faster than your friend. This is not about having perfect security. It's about having good enough security to deflect attackers.”
