Launch prototype. Scores and figures shown are based on public sources and are illustrative until first publication.
VendorAudit
VendorAudit
Market Pulse Profiles Compare How to buy Reviews Methodology Newsletter
Subscribe
Category coverage Data Security DSPM · DLP · DAG · AI-SPM
Vendor profile · Data security · Updated April 2026 · Compare with another vendor

Symantec DLP (Broadcom)

Legacy network and endpoint DLP under Broadcom harvesting strategy. Declining investment, deteriorating support. If you are on Symantec DLP, start your replacement evaluation now.

Capability strength
62/ 100
Company health
55/ 100
divisional · NASDAQ: AVGO · ~$800B market cap
Trajectory
Declining
Best fit for
Buyers still on contract — start evaluating replacements

At a glance

Symantec DLP was originally developed by Vontu, acquired by Symantec in 2007 for $350 million. Broadcom acquired Symantec's enterprise security business in November 2019 for $10.7 billion. Broadcom (NASDAQ: AVGO) has a market capitalisation exceeding $800 billion, driven primarily by semiconductor and VMware revenues. Symantec DLP is one of dozens of enterprise software assets Broadcom manages under a financial harvesting model.

VendorAudit's position on Broadcom's approach: Broadcom's acquisition strategy for enterprise software — implemented with Symantec in 2019 and replicated with VMware in 2024 — is well-documented and publicly acknowledged: reduce R&D investment, increase prices, harvest existing install base, and direct support resources toward the highest-paying contracts. This is not a criticism; it is Broadcom's stated business model. The implication for Symantec DLP buyers is clear: the product will not receive material innovation investment, support quality will continue to deteriorate, and pricing will continue to increase at renewal.

What Symantec DLP actually is

Symantec DLP is a network and endpoint data loss prevention platform covering email, web, endpoint, and cloud channels. At its peak in 2015-2019, Symantec DLP was considered the gold standard for enterprise DLP — deep policy customisation, strong network inspection, mature endpoint agent, and extensive connector library. The core platform architecture dates from the Vontu era and has received limited architectural innovation since the Broadcom acquisition.

The product remains technically functional for organisations that have invested in deployment and tuning over years. However, the gap between Symantec DLP's architecture and modern cloud-native alternatives is widening rapidly: Symantec DLP was not designed for SaaS-first, cloud-native, or AI-adopting environments. Coverage of Microsoft Teams, Slack, Google Workspace, and modern cloud collaboration platforms requires workarounds that were not part of the original product design.

Capability assessment

Strengths: Mature, deeply configurable network and endpoint DLP for legacy environments that rely on established policy sets and integration patterns. Large existing install base means extensive documentation, partner expertise, and community knowledge. For organisations with highly customised policy sets built over years, the switching cost is real.

Weaknesses: No meaningful product investment since 2019. Cloud-native coverage (SaaS, modern collaboration platforms, AI services) is inadequate for 2026 environments. Support quality has declined systematically — practitioner reports and VendorAudit channel intelligence consistently document support degradation. Channel partners are exiting the Symantec DLP practice. Pricing at renewal has increased materially under Broadcom's EA restructuring. The platform cannot discover cloud data, manage data posture, or provide AI security monitoring.

The migration imperative

VendorAudit's position is direct: if you are on Symantec DLP under a current contract, begin your replacement evaluation in the next 90 days. The migration window is: start the evaluation while still on contract (to use competitive leverage), complete the selection and POC before renewal, and negotiate a transition timeline into the contract. The most common replacement paths observed in channel intelligence are: Microsoft Purview DLP (for M365 E5 estates), Cyera Omni DLP (for cloud-native environments), and BigID (for multi-source compliance programmes).

Migration complexity is real: Symantec DLP's policy library, in organisations that have maintained it for a decade, represents significant institutional knowledge that needs to be translated into new policy frameworks. Budget for professional services to translate and validate policies — do not assume 1:1 policy migration between platforms.

Negotiation and exit

If you are approaching renewal, Broadcom's motivation is to retain the contract — not to improve the product. Use competitive alternatives actively: documented POC results from Cyera or Microsoft Purview, with exit scenarios costed, give you meaningful leverage. Broadcom has shown willingness to offer substantial discounts to retain large enterprise contracts in the year following the VMware acquisition controversy. Use this window while it lasts.

Independence note: No portion of this analysis was shared with Broadcom or Symantec before publication. VendorAudit takes no money from covered vendors.