Endpoint Security , Next-Generation Technologies & Secure Development
Broadcom Axes Carbon Black Sale, to Merge Unit With Symantec
CEO Hock Tan: Joining Carbon Black, Symantec Generates More Value for ShareholdersIt turns out the promise of Carbon Black once again being an independent company was short-lived.
See Also: 2024 Threat Landscape: Data Loss is a People Problem
Three months after declaring "Carbon Black is back," the Boston-area endpoint detection and response firm was gobbled up by Broadcom and folded into the behemoth's Symantec security unit. Broadcom inherited Carbon Black in November as part of its $69 billion acquisition of VMware, and said 15 days later it would divest Carbon Black since it's a "noncore focus" and promised to find a "good home."
A quarter later, Broadcom executives are singing a very different tune. Bloomberg first reported Feb. 26 that Carbon Black wouldn't be sold anytime soon after indications of interest in the division fell short of Broadcom's expectations. Palo Alto, California-based Broadcom had been looking to fetch $1 billion for Carbon Black - including debt - but offers at that dollar figure remained elusive, Bloomberg reported (see: What's Next for Carbon Black Now That Broadcom Sale Is Dead?).
"We would generate more value to our shareholders by taking Carbon Black - which is not that big - and integrating it into Symantec," Broadcom President and CEO Hock Tan told investors Thursday. "By doing that, we would generate much better value to our shareholders than taking a one-shot divestiture on this asset, which is not particularly large to begin with."
Broadcom's Vision for the Enterprise Security Group
Chief Financial Officer Kirsten Spears told investors the decision to retain Carbon Black and merge it with Symantec won't have a significant impact on Broadcom's revenue or profitability. VMware paid $2.1 billion to buy Carbon Black back in October 2019. Broadcom was successful in offloading VMware's end-user computing business, agreeing Feb. 26 to sell it to KKR later this year for roughly $4 billion.
A day after Broadcom's earnings call, the leader of the company's new Enterprise Security Group laid out his vision for the future of the Symantec and Carbon Black portfolios. General Manager Rob Greer claimed Symantec's portfolio concentrates on data and network protection, and he said bringing that together with Carbon Black's endpoint and application chops will allow for more visibility and control.
Greer said Broadcom will invest in research and development to improve and extend the life of products Symantec and Carbon Black customers are using across both on-premises and hybrid clouds. Defenders will be better equipped to protect their infrastructure by combining offerings like Symantec's protection of traditional data center workloads with Carbon Black's complementary data center security technology.
"Both Carbon Black and Symantec have existing engineering sites in India," Greer wrote in a blog Friday. "While we see the opportunity to converge them, we do not expect to make headcount reductions in those sites. In fact, we plan to make more investments in India."
How Carbon Black, Symantec Stack Up To Their Peers
Having said that, Techzine reported late last month that a major round of layoffs is expected for Carbon Black in March followed by a merger in Symantec. Ex-Carbon Black General Manager Jason Rolleston - who's now chief product officer for Broadcom's enterprise security group - alluded to job cuts at Carbon Black in a LinkedIn post Friday.
"The last couple years have been pretty intense living with the uncertainty around what would happen to Carbon Black. With today's announcement, that uncertainty is over and the next phase begins," Rolleston wrote. "If you have a chance to hire any of the folks that are not continuing with us on this journey, do it in a heartbeat."
The union between Carbon Black and Symantec creates an $869 million endpoint security business, which is the industry's fourth-largest behind only Microsoft, CrowdStrike and Trend Micro and ahead of antivirus stalwarts such as Trellix and Sophos. But unlike the total endpoint security industry - which grew by 29.2% in 2022 - the combined Symantec-Carbon Black business expanded by just 1% in 2022.
Both businesses lost ground in recent years to established players such as Microsoft and CrowdStrike as well as new entrants like Palo Alto Networks and SentinelOne. Carbon Black and Symantec both were named as niche players by Gartner in its 2023 Endpoint Security Magic Quadrant, while Forrester named Symantec a strong performer and Carbon Black a contender in this year's Endpoint Security Wave.