
Symantec Endpoint Protection

Symantec Endpoint Protection (SEP) is a comprehensive client-server solution developed by Corporation, a subsidiary of Inc., designed to safeguard laptops, desktops, servers, and mobile devices against , , zero-day threats, and advanced persistent attacks. It employs multilayered defenses, including signature-based antivirus, behavioral analysis, intrusion prevention, and machine learning-driven detection, to proactively block threats across the attack chain while minimizing performance impact on protected systems. Deployable in on-premises, cloud-based, or hybrid environments, SEP integrates with a centralized console for enforcement and , supporting both physical and virtual endpoints. Originally launched in as version 11.0, SEP evolved from Symantec's earlier antivirus products to address the growing complexity of cyber threats, incorporating advanced features like adaptive protection and cloud intelligence over subsequent releases. Following Symantec's acquisition by in 2019, the platform has been enhanced with integrations such as mobile threat defense from the Skycure acquisition and protection from Networks, consolidating into a single-agent for . The current 14.x series, updated as recently as , emphasizes AI-guided policy management, threat hunting, and automated response capabilities, maintaining SEP's position as an industry standard validated by independent testing for high efficacy against evolving risks. Key components of SEP include the Endpoint Protection Manager for centralized administration, the Symantec Endpoint Agent for device-level enforcement, and ongoing security content updates delivered via Broadcom's Global Intelligence Network, which leverages global threat intelligence to ensure timely protection. 
This integrated approach not only prevents breaches but also supports compliance with regulatory standards through features like device control, application control, and firewall management, making it suitable for enterprises of varying scales.

History

Origins and Early Development

Symantec Corporation was founded in 1982 by Gary Hendrix, initially focusing on and database management software. The company went public in 1989 and pivoted toward utility and security products amid growing demand for PC tools. In 1990, Symantec acquired Peter Norton Computing for its popular , which propelled the company into the antivirus sector; this led to the development and 1991 launch of , establishing Symantec as a leader in consumer protection. By the early 2000s, had extended its antivirus expertise to enterprises through products like Symantec AntiVirus Corporate Edition, but evolving threats such as zero-day exploits and network-based attacks highlighted limitations of standalone solutions. To address this, pursued strategic acquisitions, including in 2005 for and technologies, and WholeSecurity in 2005 for behavioral-based threat detection. These moves laid the groundwork for a unified enterprise platform, shifting focus from reactive antivirus to proactive, integrated . In July 2007, Symantec announced 11.0 as a cornerstone of its "Security 2.0" vision, which emphasized consolidated security to simplify deployment and management in enterprise environments. The product officially launched in September 2007, combining Symantec AntiVirus Corporate Edition's scanning, Sygate's and intrusion prevention, WholeSecurity's heuristics for unknown threats, and additional client security features into a single agent. This integration represented key early milestones, including host- and network-based intrusion prevention systems (), application/device control, and antispyware capabilities, all managed via a centralized console. The development goals centered on reducing by minimizing agent sprawl and administrative complexity, while bolstering defense through behavioral analysis and Symantec's Intelligence Network, which monitored threats across 120 million systems worldwide. 
This approach established Symantec Endpoint Protection as a comprehensive suite for enterprise endpoint defense, moving beyond traditional antivirus to address multifaceted risks.

Acquisitions and Ownership Changes

Symantec's development of endpoint protection solutions was bolstered by strategic acquisitions, including the purchase of Altiris in 2007 for $830 million, which integrated advanced IT and endpoint deployment tools into its portfolio. This acquisition enhanced Symantec's capabilities in , allowing for more comprehensive and in environments. In August 2019, Broadcom announced its acquisition of Symantec's enterprise security business, including Endpoint Protection, for $10.7 billion in cash, with the deal closing on November 4, 2019. Following the acquisition, the business operated as the Symantec Enterprise division under Broadcom, led by Art Gilliland as Senior Vice President and General Manager, marking a shift from Symantec's standalone structure to integration within Broadcom's broader software portfolio. Post-acquisition, underwent rebranding to in certain contexts, reflecting alignment with Broadcom's enterprise-focused strategy. The integration emphasized long-term growth over short-term revenue pressures, with enhancements in cloud-native capabilities to support scalable deployment across hybrid environments. Strategically, this ownership change prioritized enterprise scalability and deeper integration, such as advanced incident prediction features that leverage to anticipate cyber threats, thereby strengthening resilience for large-scale operations.

Version Timeline

Symantec Endpoint Protection version 11.0 was released in 2007 as the initial unified suite, combining antivirus, antispyware, and capabilities into a single client. This version marked Symantec's shift toward integrated protection for enterprise endpoints, with subsequent maintenance releases like MR1 in December 2007 addressing initial stability issues. Support for version 11.0 ended on January 5, 2015, after which no further updates or definitions were provided. Version 12.x began with the release of 12.0 in February 2011, introducing early cloud-based management options through integration with Symantec's service for enhanced threat intelligence sharing. Subsequent updates, such as 12.1 RU4 in October 2013, expanded support to include devices alongside traditional desktops and servers. The 12.x series received ongoing rollups until 2016, but version 12.1 reached end of standard support on April 3, 2019, with extended support concluding on April 3, 2021, leading to around 2020. Version 14.0, released in November 2016, represented a major overhaul incorporating for improved network-level threat detection. The series evolved through multiple updates, with version 14.3 launching in May 2020 and reaching 14.3 RU8 by August 2023. Ongoing enhancements continued into 14.3 RU10 in February 2025. In 2025, releases such as 14.3 RU10 Refresh in April included ERASER Engine enhancements to version 119.1.7.8 for better performance and compatibility, alongside expansions in operating system support for and . These updates reflect Broadcom's influence following its 2019 acquisition of Symantec's enterprise security business, prioritizing cloud-native integrations. End-of-life milestones for older versions, including the full deprecation of 12.1 in 2020, prompted migrations to the 14.x lineage to maintain compatibility with modern endpoints. As of November 2025, version 14.3 remains the active branch, with support extending through at least December 31, 2025, for base 14.3.

Product Overview

Core Components

Symantec Endpoint Protection (SEP) is built around a modular that includes client-side agents, management consoles, and backend services to deliver across diverse environments. The primary components enable real-time protection, policy enforcement, and centralized oversight, forming the foundational building blocks of the suite. The software serves as the component installed on individual endpoints, such as desktops, laptops, and servers, to provide on-device enforcement and scanning capabilities. It communicates with management servers to receive policies and updates, ensuring consistent protection without requiring constant connectivity. This lightweight is designed for minimal performance impact while handling core tasks locally. Centralized management is facilitated by the (SEPM), an on-premises server application that includes a web-based console for administrators. SEPM handles policy creation, distribution, client registration, and event monitoring, often paired with an or a for larger deployments exceeding 5,000 endpoints. It supports remote access for multiple administrators, enabling scalable oversight in enterprise settings. For organizations preferring cloud-based or hybrid models, the Endpoint Security (SES) cloud console provides a fully managed as an alternative to SEPM. This web-accessible allows deployment, device management, and directly from the , integrating seamlessly with on-premises components for flexible architectures. SES emphasizes a single-console approach to streamline operations across distributed environments. Backend services underpin the suite through integration with Symantec's Global Intelligence Network, which aggregates threat data from millions of endpoints worldwide to enhance collective defenses. 
Additional elements like LiveUpdate Administrator and Group Update Providers (GUPs) facilitate the distribution of security definitions and content updates, with GUPs acting as intermediaries to offload traffic from the primary management server and support remote clients efficiently. As of 2025, SEP maintains broad compatibility with major platforms, including Windows, macOS, and operating systems, as well as virtualized environments such as and . This cross-platform support ensures the agent and management components function consistently across physical, virtual, and cloud-hosted endpoints.

Deployment and Management Models

Symantec Endpoint Protection supports multiple deployment models to accommodate diverse organizational needs, including on-premises, cloud-based, and configurations. The on-premises model utilizes the Symantec Endpoint Protection Manager (SEPM) server, providing full administrative control over endpoints in environments such as air-gapped or restricted networks where connectivity is limited or prohibited. This approach is particularly suitable for or high-security settings requiring extensive client options without reliance on external services. In the cloud-based model, Symantec Endpoint Security Cloud enables scalable, subscription-based management through a centralized cloud console, eliminating the need for on-premises and reducing deployment . This option delivers unified visibility across devices, supports remote locations, and incorporates advanced features like automated threat response, making it ideal for organizations seeking minimal server overhead and rapid scalability. The single-agent architecture simplifies administration for Windows, , , and mobile endpoints, with protection extended via global threat intelligence. A approach combines on-premises SEPM with the Endpoint Security cloud console, allowing organizations to manage or unsupported operating systems through SEPM while leveraging capabilities for endpoints. This model facilitates gradual migration to full management and requires SEPM along with clients 14.3 MP1 or later for . Agents and select policies are handled via the , while earlier clients remain under SEPM control, offering flexibility for transitional environments. Installation processes for involve deploying the management server and agents tailored to the chosen model. For the SEPM server, extraction of the file to a physical disk followed by running Setup.exe initiates the process, including acceptance, folder selection, and post- configuration of the server and database. 
Agent rollout supports methods such as creating redistributable packages for deployment via Objects (GPO), IT Management Suite, or direct device ; inviting users via email links for self-; network discovery and push deployment for unmanaged devices (Windows only); and integration with (UEM) tools for importing and enrolling devices. These approaches enable scalability for environments, with best practices recommending client-to-server ratios and database to handle large numbers of endpoints efficiently. Auto-updates can be configured post- to maintain agent currency without manual intervention. Policy management across models emphasizes centralized control and customization. In the on-premises SEPM, default policies are generated during and can be tailored to specific environments, enabling administrators to enforce settings on client computers through various types. For and hybrid setups, Endpoint Security uses templates and groups to apply multiple policies simultaneously to devices or groups, with role-based access controlling tasks like creation, upgrades, and exports. Version history tracks changes with comments, and automated updates from periodically refresh templates, allowing seamless upgrades to incorporate the latest protections as of 2025 releases.

Features

Threat Detection and Prevention

Symantec Endpoint Protection employs a multi-layered approach to threat detection and prevention, combining traditional and proactive mechanisms to identify and block , network-based attacks, and unauthorized activities at the endpoint level. Signature-based detection forms the foundational layer of antivirus protection, relying on a database of virus definitions to scan files and identify known threats such as , , Trojans, , bots, , and rootkits. These definitions are updated frequently through LiveUpdate, typically multiple times per day, to ensure protection against the latest identified signatures. Heuristic and behavioral complements signature-based methods by and application behaviors in to detect suspicious patterns indicative of or evolving threats. This includes tracking over 1,400 specific behaviors during execution to identify anomalies, such as attempts involving encryption or the use of double names, as seen in variants like . The provides network-level defense by inspecting traffic for exploits and blocking malicious activities during the infestation and phases. As a secondary layer after the , IPS uses signature-based rules to prevent known attacks and extends protection to zero-day threats by analyzing packet payloads for anomalous patterns. Firewall integration enhances through a host-based rules engine that controls inbound and outbound traffic based on predefined policies. Administrators can configure rules specifying allowed hosts, ports, and applications, effectively blocking unauthorized connections and social engineering attempts that could lead to infiltration. Real-time protection operates through on-access scanning, which examines files as they are opened, executed, or downloaded to prevent threats from activating. This includes immediate analysis using matching and behavioral checks, ensuring proactive blocking without relying solely on scheduled scans.

Advanced Security Capabilities

Symantec Endpoint Protection incorporates AI-powered detection through advanced (AML) models that identify anomalies in files and behaviors by analyzing subtle correlations and patterns derived from global data. These models, integrated into components like the Static Data Scanner and behavioral analysis, enable predictive threat hunting by learning from Symantec's intelligence network to anticipate and block emerging threats before they execute, achieving high detection rates such as 99% for online threats when combined with cloud-based validation. Behavioral blocking in leverages , a cloud-based service that evaluates file s across a of billions of daily file interactions to provide zero-day protection against unknown threats. This system uses scoring heuristics and process execution rules to monitor and block malicious activities in , correlating user, file, and network data to convict entire attack groups through lineage tracking and special signatures, thereby reducing false positives while enhancing detection of fileless and living-off-the-land attacks. The (EDR) capabilities offer real-time visibility and response to advanced persistent threats (APTs) by employing and behavioral analytics to detect suspicious activities on endpoints, such as unauthorized launches or modifications. EDR stores in a for forensic analysis, prioritizing incidents based on risk and enabling rapid through smart alerts, which supports proactive and of APTs across Windows and macOS environments. Device control features enforce granular restrictions on USB drives, peripherals like printers and modems, and other external to prevent , allowing administrators to block read/write access or mounting based on device type and policy rules. These controls log detections and notify users, supporting both Windows and macOS platforms with options for allow/block lists that prioritize higher-order rules, thereby mitigating risks from unauthorized without impacting approved operations. 
As of the October 2025 updates, Adaptive Protection dynamically adjusts security levels by profiling application behaviors against global threat telemetry and prevalence data, blocking or isolating high-risk actions from trusted tools like when they deviate from established norms. This risk-based approach uses MITRE ATT&CK mappings and behavioral heat maps to tune policies automatically, reducing attack surfaces for living-off-the-land techniques while allowing exceptions for legitimate use, all managed through a centralized console.

Integration and Reporting Tools

Symantec Endpoint Protection provides robust API integrations that enable seamless connectivity with (SIEM) tools such as , allowing organizations to collect server and client activity logs for centralized monitoring and analysis. The product's REST and Event Stream API support real-time event streaming to SIEM systems, facilitating the export of system events and security incidents for enhanced visibility across environments. Additionally, compatibility extends to security orchestration, automation, and response (SOAR) platforms, including QRadar SOAR, D3 SOAR, and XSOAR, where the enable automated enrichment, investigation, and remediation actions such as querying endpoints for indicators of compromise. The third-party ecosystem surrounding Symantec Endpoint Protection has been strengthened through Broadcom's integration of Symantec with Carbon Black, combining Symantec's prevention-focused tools with Carbon Black's endpoint detection and response (EDR) capabilities for extended threat detection and closed-loop analysis. This partnership influences post-acquisition enhancements, enabling real-time detection, investigation, and prevention of advanced threats by leveraging Carbon Black Cloud's forensic features alongside Symantec's core protections. Other integrations include compatibility with tools like Elastic and Datadog for log ingestion, further expanding the ecosystem for comprehensive security operations. Reporting dashboards in Symantec Endpoint Protection offer customizable interfaces for incident analysis, compliance auditing, and integration with threat intelligence feeds, accessible via the Home page in the Symantec Endpoint Security console. Users can tailor widgets to display key performance indicators such as open incidents, risk distribution over time, and top infection actors, drawing from event data collected across endpoints to support auditing and threat trend visualization. 
Predefined and user-specific views in categories like Threat Analytics and Security Operations allow for the generation of quick reports on detection types, severity levels, and MITRE ATT&CK tactics, with logs exportable in formats compatible with external intelligence sources. Automated workflows in include actions that isolate compromised devices from upon detecting or risks, configurable through in the management console to forward infected files centrally for analysis. features support reverting virus definition updates via the Endpoint Protection Manager, allowing administrators to backdate protections in response to compatibility issues or false positives. notifications are generated for events like Auto-Protect detections and changes, with customizable options to notify users or administrators via or the console, integrating with broader SOAR playbooks for automated responses. Forensics tools in the 2025 versions of enable incident through forensic , which gathers device artifacts like process lists and file details when incidents are triggered. views provide a scaled of events over 24-hour periods, allowing analysts to reconstruct attack sequences and correlate activities for deeper insights into threats. These capabilities, enhanced by integration, support post-incident analysis without native packet capture, focusing instead on endpoint-centric forensics.

Vulnerabilities

Historical Security Issues

Symantec Endpoint Protection encountered notable security vulnerabilities prior to 2020, centered on privilege escalations and protective bypasses in its client software and management infrastructure. These issues stemmed from flaws in tamper protection and code validation processes, potentially enabling local attackers to undermine the product's defenses.

A key example is CVE-2019-12757, a local privilege escalation that allowed attackers to bypass tamper protection and elevate rights. This flaw affected versions prior to 14.2 RU2, requiring local access but exploitable when tamper protection was disabled. It was addressed in the November 2019 release of 14.2 RU2, which introduced fixes to strengthen controls.

CVE-2019-12758 represented another critical bypass, where improper DLL loading from the current working directory enabled the execution of unsigned malicious payloads, circumventing self-protection features. Impacting versions prior to 14.2 RU2, this was demonstrated by researchers to facilitate defense evasion on affected systems. It was patched alongside CVE-2019-12757 in the 14.2 RU2 update, with recommendations to enable full tamper protection.

Early 2020 disclosures revealed additional flaws, including CVE-2020-5821, a vulnerability in client versions prior to 14.3 RU1. These issues, part of a broader set affecting both clients and the Endpoint Protection Manager, were resolved through targeted Rollup Updates issued in March 2020.

The scope of these pre-2020 vulnerabilities primarily involved local privilege escalations and bypasses that could extend to the management server, risking unauthorized control over endpoint fleets in environments. In response, Broadcom, following its November 2019 acquisition of Symantec's enterprise security division, mandated immediate patching for vulnerable installations and rolled out enhanced tamper protection in subsequent updates to mitigate recurrence of such bypasses.

Recent Vulnerabilities and Responses

In recent years, Symantec Endpoint Protection (SEP) has faced several vulnerabilities primarily affecting its Windows agent and management components, with Broadcom issuing patches and advisories to mitigate risks. These issues, starting from 2020, highlight challenges in privilege management and remote access controls, prompting enhanced remediation measures.

One notable vulnerability is CVE-2022-37016, a flaw in the SEP Windows agent that allows attackers to access unauthorized resources. This critical issue, scored at CVSS 9.8, impacts versions up to and including 14.3.5. Broadcom addressed it through updates released in late 2022, recommending immediate upgrades to patched versions.

In 2025, the ERASER Engine in SEP encountered an elevation of privilege vulnerability identified as CVE-2025-3599, with a CVSS score of 7.5 (High). Affecting ERASER Engine versions prior to 119.1.7.8 on Windows agents, it could enable attackers to delete protected resources via network access. Broadcom issued a security advisory on April 29, 2025; the issue is resolved by upgrading to ERASER Engine 119.1.7.8 or later.

Broadcom's response strategies emphasize proactive defenses, including enforced auto-updates via the LiveUpdate mechanism to deliver patches and definitions automatically, minimizing unpatched exposure. Additionally, integration with vulnerability scanning tools within the SEP suite allows for ongoing assessment of endpoint risks. The company recommends adopting zero-trust architecture principles, as outlined in its , to verify access continuously and limit lateral movement in the event of exploitation. For ongoing monitoring, Broadcom integrates SEP with its advisories portal, providing real-time notifications and proactive patching guidance to ensure timely responses to emerging threats.
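The fixed-release thresholds quoted in the two vulnerability subsections above can be applied directly to a fleet inventory. The following is an added example, not Symantec or Broadcom code: the host names, CSV column names, and the ordering rule (a release with no RU sorts below RU1, and an MP sorts below the next RU) are assumptions, and CVE-2022-37016 is left out because its "14.3.5" threshold does not use the RU naming.

```python
import csv
import io
import re

# Fixed releases as stated in the text above; a client below the fix is affected.
CLIENT_FIXES = {
    "CVE-2019-12757": "14.2 RU2",
    "CVE-2019-12758": "14.2 RU2",
    "CVE-2020-5821": "14.3 RU1",
}
ERASER_CVE, ERASER_FIX = "CVE-2025-3599", "119.1.7.8"

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE_INVENTORY = """\
host,sep_client,eraser_engine
fin-ws-01,14.2 RU1,118.3.1.5
eng-ws-07,14.2 RU2,119.1.7.8
hr-lt-12,14.3,119.1.5.1
ops-srv-03,14.3 RU10,119.1.7.8
lab-vm-09,unknown,
"""

_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\s+RU(\d+))?(?:\s+MP(\d+))?$", re.IGNORECASE)


def parse_release(text):
    """'14.3 RU8' -> (14, 3, 8, 0); a missing RU or MP counts as 0 (assumption)."""
    match = _RELEASE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised SEP release: {text!r}")
    return tuple(int(group or 0) for group in match.groups())


def parse_dotted(text):
    """'119.1.7.8' -> (119, 1, 7, 8); compared numerically, never as strings."""
    parts = text.strip().split(".")
    if not all(part.isdigit() for part in parts):
        raise ValueError(f"unrecognised engine version: {text!r}")
    return tuple(int(part) for part in parts)


def assess(inventory_csv):
    """Map each host to the CVEs its reported versions fall under.

    A version that cannot be parsed is reported as UNVERIFIED instead of
    being treated as patched, so gaps in the inventory stay visible.
    """
    report = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        findings = []
        try:
            client = parse_release(row.get("sep_client") or "")
            findings += [cve for cve, fix in CLIENT_FIXES.items()
                         if client < parse_release(fix)]
        except ValueError:
            findings.append("UNVERIFIED:sep_client")
        try:
            engine = parse_dotted(row.get("eraser_engine") or "")
            if engine < parse_dotted(ERASER_FIX):
                findings.append(ERASER_CVE)
        except ValueError:
            findings.append("UNVERIFIED:eraser_engine")
        report[row["host"]] = findings
    return report


if __name__ == "__main__":
    for host, findings in assess(SAMPLE_INVENTORY).items():
        print(f"{host:12} {', '.join(findings) or 'no listed CVE applies'}")
```

Comparing parsed tuples rather than raw strings is what keeps "14.3 RU10" from sorting below "14.3 RU8".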

Reception

Critical Reviews and Ratings

Symantec Endpoint Protection, now part of Broadcom's portfolio, has been consistently recognized as a leader in professional analyst evaluations for endpoint protection platforms. Symantec was included as a vendor in the 2025 for Endpoint Protection Platforms. On Peer Insights, the product earns an average rating of 4.4 out of 5 from over 2,300 verified reviews, with users highlighting strong threat detection, intuitive management, and reliable performance, though some note challenges with deployment complexity in large-scale environments.

Independent testing labs have awarded high marks for detection efficacy and minimal disruptions. In AV-TEST Institute's 2025 evaluations for business Windows endpoints, Endpoint Security Complete achieved top-product status, scoring 6/6 in protection for 100% detection of known threats, alongside near-perfect usability but with minor deductions for system performance impact during intensive scans.

Market analyses underscore its strong position, with identifying as a global leader in market share. According to 2024 Datanyze data, it captures the second-largest share at 11.5% of the protection market, behind Trend Micro's 16.3%. Criticisms in reviews occasionally point to slower adaptation to emerging zero-day threats compared to cloud-native rivals like , which prioritize real-time behavioral analysis, alongside noted complexity in configuration for non-expert administrators.

User Experiences and Market Position

Users of Symantec Endpoint Protection frequently praise its reliability in threat detection, particularly for blocking through behavioral analysis and file-based protection mechanisms. On TrustRadius, reviewers highlight its effectiveness in managing large-scale deployments across enterprises, with central management tools enabling seamless policy enforcement and updates. For instance, a 2025 review noted its strong performance in restricting USB access and halting infections, contributing to an overall rating of 8.4 out of 10 from 175 users. Similarly, users commend the software's consistent protection and lightweight background operation on modern hardware, averaging 4.4 out of 5 from over 500 reviews as of 2025. However, common criticisms include high on older , which can lead to slowdowns, and a steep for customizing the console. TrustRadius feedback points to challenges in integrating with servers and occasional issues with specialized software, requiring additional time. Deployment is generally straightforward for enterprises but may involve hurdles in setups, as noted in experiences emphasizing the need for better live update processes. In the market, holds a strong position as the second-largest vendor in the global sector, capturing 11.5% share as of 2024 Datanyze data and continuing robust adoption into 2025, particularly among small and medium-sized businesses (SMBs) and large enterprises seeking comprehensive protection. Compared to Defender for Endpoint, which excels in native Windows and cost efficiency for Microsoft-centric environments, Symantec offers broader multi-platform support but lags in seamless ecosystem alignment. Against , Symantec provides solid endpoint detection and response (EDR) capabilities, though SentinelOne is favored for faster autonomous remediation in dynamic threat scenarios. 
Post-acquisition by Broadcom in 2019, adoption trends show a marked shift toward cloud-managed models, with hybrid environments experiencing significant growth in 2025 due to flexible deployment options that blend on-premises and cloud consoles. This transition supports secure workload migration and enhances scalability for organizations embracing remote and work, as evidenced by Broadcom's emphasis on -based for compliance and threat prediction.

  24. [24]
    Symantec's Strategy as a Broadcom Unit - BankInfoSecurity
    Mar 25, 2020 · Innovation, consolidation and integration will be key areas of focus for Symantec's enterprise security business following its acquisition ...Missing: implications | Show results with:implications
  25. [25]
  26. [26]
    Symantec Endpoint Protection 11.0.x End of Support Life. - Security
    Mar 4, 2015 · On January 5th, 2015, Symantec Endpoint Protection 11.0.x and Symantec Endpoint Protection Small Business Edition 12.0 will reach End-of-Support-Life.
  27. [27]
    Symantec unveils Endpoint Protection 12 | IT Pro - ITPro
    Feb 15, 2011 · Symantec has unveiled its latest endpoint protection software, designed to help firms deal with the explosion in malware.
  28. [28]
    Latest Symantec Endpoint Protection Released - SEP 12.1.RU4
    Oct 31, 2013 · Symantec Endpoint Protection 12.1.RU4 has been released on October 28' 2013. You may find the latest release, Symantec Endpoint Protection 12.1.
  29. [29]
    Symantec Endpoint Protection: SEP EOL - NorthStar.io
    Back on April 3, 2017 Symantec announced that the SEP 12.1.x series of agents and management servers were entering into end of life support.<|separator|>
  30. [30]
    Symantec Launches Endpoint Protection 14 For Multi-Layered ...
    Nov 1, 2016 · Symantec Corp. (SYMC), a cyber security company, on Tuesday announced the launch of Symantec Endpoint Protection 14, the next evolution in ...<|separator|>
  31. [31]
    Symantec Endpoint Protection Security Update
    Apr 29, 2025 · If not, run LiveUpdate to update to ERASER Engine 119.1.7.8 by applying Virus and Spyware Protection definitions dated April 2nd, 2025 or ...
  32. [32]
    End Of Life Support for SEP products and versions | Endpoint ...
    The EoL for SEP 12 mentions the following; "Endpoint Protection 12.x clients can still obtain virus definitions from a 14.x Endpoint Protection Manager."<|control11|><|separator|>
  33. [33]
    Symantec Endpoint Protection architecture components - TechDocs
    Symantec Endpoint Protection also comes with multiple tools to help you increase security and manage the product.Missing: core | Show results with:core
  34. [34]
    On-premises, hybrid, or fully cloud management options - TechDocs
    May 8, 2025 · For a successful hybrid deployment, use the latest version of SEPM and 14.3 MP1 or later clients. You manage the agents and some policies from ...
  35. [35]
    Installing Symantec Endpoint Protection Manager - TechDocs
    Apr 16, 2025 · You perform several tasks to install the management server and the console. In the installation wizard, a green check mark appears next to each completed task.
  36. [36]
    Installation Methods for the Agent Software - TechDocs
    On your regular Windows, Mac, and Linux devices you install the Symantec Agent. On your iOS and Android mobile devices, you install the SEP Mobile app.
  37. [37]
    Sizing and scalability best practices for Endpoint Protection
    Apr 14, 2024 · What are the sizing and scalability recommendations or best practices for Symantec Endpoint Protection (SEP)?
  38. [38]
    Symantec Endpoint Protection Manager Policies - TechDocs
    Apr 16, 2025 · Last Updated April 16, 2025. Use Symantec Endpoint Protection Manager (SEPM) policies to manage the security on your client computers. You ...
  39. [39]
    Policies and Policy Groups - TechDocs - Broadcom Inc.
    Policies in Symantec Endpoint Security are based on policy templates that define the policy type. Policy groups provide an easy way to apply multiple policies.
  40. [40]
    Virus Definitions & Security Updates - Broadcom Inc.
    Use this page to make sure your security content is current. Information about protection from the latest threats can be found in the Protection Bulletins.
  41. [41]
    Update content and definitions on the clients - TechDocs
    Apr 16, 2025 · Update content including virus definitions, intrusion prevention signatures, and Host Integrity templates, among others.
  42. [42]
    What is Behavioral Analysis (SONAR) in Symantec Endpoint ...
    Apr 16, 2025 · Behavioral analysis is the real-time protection that detects potentially malicious behavior when applications run on your computers.
  43. [43]
    [PDF] The Symantec Approach to Defeating Advanced Threats | Insight
    It monitors over 1,400 file behaviors as they execute in real-time to identify suspicious behavior and remove malicious applications before they can do harm. • ...
  44. [44]
    Ransomware protection using Symantec Endpoint Security
    Behavioral Analysis prevents the double executable file names of ransomware variants like CryptoLocker from running. In an Antimalware policy, click. Enable ...Missing: heuristic | Show results with:heuristic
  45. [45]
    What is Intrusion prevention ? | Endpoint Protection
    Sep 30, 2020 · The intrusion prevention system (IPS) is the Symantec Endpoint Protection client's second layer of defense after the firewall. The intrusion prevention system ..."Zero-day flaws found in Symantec's Endpoint Protection"Intrusion Prevention Signatures Out of Date | Endpoint ProtectionMore results from community.broadcom.com
  46. [46]
    [PDF] Network Intrusion Prevention System for Symantec Endpoint ... - scroll
    This also provides a level of protection against zero- day vulnerabilities when those vulnerabilities have been added to the toolkits. The SEP IPS solution ...<|separator|>
  47. [47]
    Managing the Symantec Endpoint Security firewall - TechDocs
    The Endpoint Security firewall uses a rules-based firewall engine to analyze all incoming traffic and outgoing traffic and offers IPS browser protection.
  48. [48]
    About firewall rule host triggers - TechDocs - Broadcom Inc.
    Apr 16, 2025 · You specify the host on both sides of the described network connection when you define host triggers.
  49. [49]
    About the types of scans and real-time protection - TechDocs
    Apr 16, 2025 · Symantec Endpoint Protection includes different types of scans and real-time protection to detect different types of viruses, threats, and risks.
  50. [50]
    How does Symantec Endpoint Protection use advanced machine ...
    Apr 16, 2025 · Symantec Endpoint Protection uses advanced machine learning in Download Insight, behavioral analysis (SONAR), and virus and spyware scans.Missing: anomaly predictive hunting
  51. [51]
    How behavioral security technologies provide protection against ...
    Symantec behavioral security technologies provide zero-day protection to secure your network from fileless, Living Off the Land (LOTL), behavior-based attacks.
  52. [52]
    About Endpoint Detection and Response (EDR) in Symantec EDR ...
    Symantec EDR uses machine learning and behavioral analytics to detect and expose suspicious activities. SES EDR alerts you about potentially harmful activity.
  53. [53]
    Device Control Policy Settings - TechDocs - Broadcom Inc.
    Device Control lets you control external devices that attach to endpoints in your Symantec Endpoint Security network.Missing: exfiltration | Show results with:exfiltration
  54. [54]
    Using Adaptive Protection - TechDocs - Broadcom Inc.
    Oct 29, 2025 · Use Adaptive Protection to reduce your attack surface by managing potentially risky behaviors that trusted applications perform.
  55. [55]
    Splunk Add-on for Symantec Endpoint Protection - Splunkbase
    Use the Splunk Add-on for Symantec Endpoint Protection (SEP) to collect SEP server and client activity logs from: - Symantec Endpoint Protection Manager ...Missing: SIEM tools
  56. [56]
    Integrations - TechDocs - Broadcom Inc.
    Integrate third-party applications with Symantec Endpoint Security. You can integrate the following applications: Enroll a. Symantec Endpoint Protection Manager.
  57. [57]
    Symantec Endpoint Protection - QRadar SOAR Apps - GitHub Pages
    Symantec Endpoint Protection Integration for IBM SOAR​​ Teams can investigate an attack by hunting for IOCs or suspect Endpoints across an enterprise, and ...
  58. [58]
    [PDF] Symantec Technology Partner: D3 Security
    D3 SOAR integrates with these Symantec products: • Symantec Endpoint Protection. • Symantec Endpoint Detection and Response. • Symantec Data Loss Prevention.
  59. [59]
    Symantec Endpoint Protection v2 - Cortex XSOAR
    This integration is part of the Symantec Endpoint Protection Pack. Query the Symantec Endpoint Protection Manager using the official REST API.
  60. [60]
    [PDF] Symantec Technology Integration Partner: Carbon Black
    Symantec and Carbon Black integrate for closed-loop threat analysis, enabling real-time detection, investigation, and prevention of advanced threats.
  61. [61]
    Unified Security: Why Broadcom Joined Symantec, Carbon Black
    Broadcom's Enterprise Security Group integrated Symantec's prevention tools with Carbon Black's forensic capabilities, delivering a powerful endpoint ...
  62. [62]
    Symantec Endpoint Protection Integration - Elastic
    This integration is for Symantec Endpoint Protection (SEP) logs. It can be used to receive logs sent by SEP over syslog or read logs exported to a text file ...
  63. [63]
    Symantec Endpoint Protection - Datadog Docs
    Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, and servers in your network against malware, risks, and ...
  64. [64]
    Customizing the Home Page - TechDocs
    Monitor your environment using the default and customizable dashboards on the Symantec Endpoint Security Home page.
  65. [65]
  66. [66]
    Quarantining or Unquarantining a Device - TechDocs - Broadcom Inc.
    Isolate a device from the network in Symantec Endpoint Security when the device is at risk or the device is compromised with a malware infection.Missing: automated rollback
  67. [67]
    How to Backdate Virus Definitions in Endpoint Protection Manager
    Jul 25, 2024 · Follow the steps below to roll back virus definitions in SEPM: Click Policies; Select View Policies; Click LiveUpdate. Double-click your current ...
  68. [68]
    Types of alerts and notifications - TechDocs - Broadcom Inc.
    Apr 16, 2025 · Configuring Windows Security Center notifications to work with Symantec Endpoint Protection clients ... Auto-Protect: Notifications · Actions ...Missing: rollback | Show results with:rollback
  69. [69]
    Capturing Forensic Data - TechDocs - Broadcom Inc.
    Last Updated October 29, 2025. Forensics data is collected to help you investigate devices when an incident is generated. You can collect forensic data for both ...Missing: packet | Show results with:packet
  70. [70]
    Event Timeline - TechDocs - Broadcom Inc.
    Event Timeline. Last Updated October 29, 2025 · The timeline is scaled to the time range. · Each bar of the histogram relates to a 24-hour period.Missing: packet | Show results with:packet
  71. [71]
    Symantec Endpoint Protection Multiple Issues
    Nov 14, 2019 · Symantec Endpoint Protection Small Business Edition (SEP SBE) ; CVE. Affected Version(s). Remediation ; CVE-2019-12757. Prior to 12.1 RU6 MP10d ( ...
  72. [72]
    CVE-2019-12757 Detail - NVD
    Nov 15, 2019 · A privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access ...
  73. [73]
    CVE-2019–12757: Local Privilege Escalation in Symantec Endpoint ...
    Nov 15, 2019 · In order for this vulnerability to be reliably exploited, Symantec Endpoint Protection's “Tamper Protection” feature needs to be disabled.
  74. [74]
    CVE-2019-12758 Detail - NVD
    Nov 15, 2019 · Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual ...
  75. [75]
    Symantec Fixes Privilege Escalation Flaw in Endpoint Protection
    Nov 14, 2019 · Hadar says that CVE-2019-12758 is caused by the security solution's attempt to load a DLL from its current working directory (CWD) instead of ...
  76. [76]
    Symantec Endpoint Protection Multiple Issues
    Mar 3, 2020 · Symantec has released updates to address issues that were discovered in the Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Manager (SEPM),
  77. [77]
    Symantec Endpoint Protection Client 14.x < 14.2.5569.2100 Mult...
    Feb 13, 2020 · (CVE-2020-5821) - A denial of service (DoS) vulnerability exists. An unauthenticated, remote attacker can exploit this issue to make the ...
  78. [78]
    DLL Hijacking Flaw Impacts Symantec Endpoint Protection
    Nov 14, 2019 · Tracked as CVE-2019-12758, the security bug was found to affect all versions of Symantec Endpoint Protection before 14.2 RU2. Version 14.2 ...
  79. [79]
    CVE-2022-37016 Detail - NVD
    Dec 1, 2022 · Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may ...
  80. [80]
    NVD - CVE-2025-3599
    ### Summary of CVE-2025-3599
  81. [81]
    CVE-2025-5333 Detail - NVD
    Jul 6, 2025 · Description. Remote attackers can execute arbitrary code in the context of the vulnerable service process. Metrics. CVSS Version 4.0<|control11|><|separator|>
  82. [82]
    Benefits of moving to the Symantec Endpoint Security cloud console
    Apr 16, 2025 · No cost or overhead of installing and managing a management server and database. · Capability to share management of multiple Symantec enterprise ...
  83. [83]
    Security Updates - Symantec Endpoint Protection - Broadcom Inc.
    Security Updates- Symantec Endpoint Protection · Version 14.3 · Version 14 · Version 12.1.3 and later · Version 12.1.2 · Version 12.1. 2025 2024 2023 2022 2021 ...
  84. [84]
    [PDF] Symantec Zero Trust Framework Solution Brief - Broadcom Inc.
    The Zero Trust model is founded on the belief that organizations should not automatically trust anything inside or outside its perimeters and must verify.Missing: strategies update
  85. [85]
    Symantec Security Center - Broadcom Inc.
    Symantec Protection Bulletin. These bulletins share protection updates for threats in the news and those still under the radar, so you know you are covered.
  86. [86]
    Broadcom Reviews, Ratings & Features 2025 | Gartner Peer Insights
    Rating 4.4 (2,311) Strong threat detection, intuitive management and reliable performance. Overall a positive experience. Read Full Review. 3.0. Review ...
  87. [87]
    Press Releases | Gen Digital
    Symantec Endpoint Protection (SEP) leverages a breadth of proprietary technologies, and with the release of SEP 14 late last year, we delivered on the next ...
  88. [88]
    It's a Sweep: Symantec Endpoint Protection 14 Leads in Latest ...
    Gartner rated us in the Leaders quadrant for Endpoint Protection Platforms – the 15th consecutive time we've made their endpoint Leaders quadrant.
  89. [89]
    Test Symantec Endpoint Security Complete 14.3 for Windows 11 ...
    The current test Symantec Endpoint Security Complete 14.3 for Windows 11 (252420) from August 2025 of AV-TEST, the leading international and independent ...Missing: NSS Labs
  90. [90]
    Endurance test of 15 security solutions for corporate users - AV-TEST
    Oct 21, 2025 · The detection rates for these products were between 99.6 and 99.0 ... Symantec Endpoint Security Complete 14.3 › · Trellix Endpoint ...
  91. [91]
    Worldwide Corporate Endpoint Security Software Forecast ... - IDC
    Worldwide Corporate Endpoint Security Software Forecast, 2025–2029: Growth Slows But Potential Remains High. By: Mike Jude Loading. Add to shopping cart ...
  92. [92]
    Endpoint Protection Market Share Report | Competitor Analysis
    Endpoint Protection market share table ; 1 · Trend Micro · Trend Micro · 6,126 · 16.28% ; 2 · Symantec Endpoint Protection · 4,326 · 11.50% ; 3 · Windows Defender.Missing: 2024 | Show results with:2024
  93. [93]
    CrowdStrike Falcon vs Symantec Endpoint Detection and Response ...
    CrowdStrike Falcon provides lightweight, AI-driven security with real-time response, easy integration, scalability, and minimal false positives. Symantec ...Missing: lag | Show results with:lag
  94. [94]
    Symantec Endpoint Security Reviews & Ratings 2025 - TrustRadius
    Their threat protection is very good. We are managing a good number of users thanks to the solution and we are pretty satisfied with it. It is somewhat more ...
  95. [95]
    Symantec End-user Endpoint Security Reviews & Product Details - G2
    Rating 4.4 (548) Symantec provides reliable, consistent protection with a solid track record. It's effective at catching threats, runs fairly light in the background, and ...
  96. [96]
    10 Endpoint Protection Companies for 2025 - SentinelOne
    Sep 1, 2025 · Discover the 10 endpoint protection companies for 2025. Learn what endpoint protection is and key tips for choosing the best solution.What Is Endpoint Protection? · Sentinelone Singularitytm... · Key Considerations When...
  97. [97]
    Moving from the Hybrid-Managed Symantec Endpoint Protection ...
    The easiest way to migrate hybrid-managed clients and policies to the SES cloud console is to run the Switch Group to Cloud Managed command from the cloud ...