STOCK TITAN

Broadcom Introduces Industry’s First Incident Prediction Capability to Stop Living-Off-The-Land Attacks

Broadcom (NASDAQ:AVGO) has unveiled Incident Prediction, a groundbreaking AI-powered security capability within Symantec Endpoint Security Complete (SES-C). This innovation leverages AI to combat living-off-the-land (LOTL) attacks by predicting and disrupting cybercriminals' moves in the attack chain.

The technology is trained on over 500,000 real-world attack chains compiled by the Symantec Threat Hunter Team. It can predict an attacker's next 4-5 possible moves, automatically implement mitigation strategies, and restore normal operations without manual intervention from security analysts.

Key benefits include automated mitigation, reduced SOC analyst workload, minimal business disruption, and enhanced attack surface reduction. The feature is now available at no additional cost to current SES-C customers as part of the Adaptive Protection feature set.

Positive
  • New revenue stream potential through innovative security product offering
  • No additional development costs for existing SES-C customers, encouraging adoption
  • Competitive advantage as first-to-market with AI-powered incident prediction capability
  • Enhanced product portfolio strengthening Broadcom's enterprise security position
Negative
  • Free offering to existing customers may limit immediate revenue impact
  • Potential resource investment needed for ongoing AI model training and maintenance

Insights

Broadcom's introduction of Incident Prediction in Symantec Endpoint Security Complete represents a technical advancement in proactive cybersecurity defenses. The technology targets the increasingly problematic living-off-the-land (LOTL) attacks, which according to the article are now used by nearly all ransomware actors.

What makes this capability noteworthy is its predictive approach - leveraging AI trained on over 500,000 real-world attack chains to forecast and disrupt attackers' next moves automatically. This shifts security from reactive to predictive, potentially reducing the Mean Time To Respond (MTTR) for security incidents.

The capability addresses several key pain points for security teams: it automates mitigation to disrupt attacks in progress, reduces alert fatigue for SOC analysts, minimizes business disruption during incident response, and helps reduce the attack surface. By offering more granular control over security responses, it enables organizations to avoid disruptive measures like machine re-imaging or credential resets.

That this feature is being offered at no additional cost to existing SES-C customers is notable from a competitive standpoint. It suggests Broadcom is prioritizing customer retention and competitive differentiation in the crowded endpoint security market, where vendors like CrowdStrike, Microsoft, and SentinelOne are battling for market share.

While Broadcom's new Incident Prediction capability demonstrates innovation within its security portfolio, its financial impact should be evaluated within the context of Broadcom's overall business. As a diversified technology company with an $838.6 billion market cap, security solutions represent just one segment of Broadcom's revenue streams, alongside its larger semiconductor business.

The announcement indicates this enhancement is offered at no additional cost to current Symantec Endpoint Security Complete customers, limiting immediate revenue upside. However, the innovation could deliver longer-term benefits through improved customer retention, potential competitive wins, and reinforcement of Broadcom's position following its Symantec acquisition.

LOTL attacks represent a growing threat vector that concerns security buyers, potentially creating sales opportunities if Broadcom can effectively market this capability as a differentiator. However, the cybersecurity market evolves rapidly, with competitors likely developing similar capabilities.

From an investment perspective, this product enhancement represents incremental improvement rather than a transformative development for Broadcom. It maintains competitive positioning in enterprise security but is unlikely to materially impact near-term financial performance given Broadcom's scale and diverse revenue streams. The announcement demonstrates Broadcom's continued commitment to innovation within its security business but doesn't fundamentally alter the investment thesis for the company.

Leveraging advanced AI, Symantec Endpoint Security can predict cybercriminals’ moves in the attack chain, quickly stop them and return organizations to a state of cyber resilience

PALO ALTO, Calif., April 15, 2025 (GLOBE NEWSWIRE) -- Broadcom Inc. (NASDAQ:AVGO) today announced Incident Prediction, an industry-first security capability that extends Adaptive Protection, a unique feature of Symantec Endpoint Security Complete (SES-C), by leveraging AI to identify and disrupt living-off-the-land (LOTL) attacks and other cyberthreats.

Trained on a catalog of over 500,000 real-world attack chains built by the world-class Symantec Threat Hunter Team, Incident Prediction puts the advantage back in defenders’ hands by: predicting attackers’ behaviors, preventing their next move in the attack chain even when they’re using legitimate software, and then quickly returning the enterprise to its normal state. With Incident Prediction, SES-C delivers exceptional cyber resilience against motivated adversaries.

“The inspiration for Incident Prediction came from how GenAI can ‘predict’ the next word when generating text,” said Eric Chien, Fellow, Symantec Threat Hunter Team, Broadcom. “By leveraging our extensive attack chain repository and threat intelligence using advanced AI and ML, Incident Prediction can predict the next four or five possible moves attackers will make in a customer’s environment, disrupt them, and then revert to normalcy right away. As a result, security analysts no longer need to triage the event to figure out mitigation strategies; Incident Prediction does that automatically for them.”

With Incident Prediction, SOC analysts and other security professionals can:

  • Automate mitigation and disrupt attackers: Automatically identify the next steps that a specific attacker will most likely take based on past attack patterns. It then applies mitigation policies to block those predicted actions, disrupting most attackers’ progress before they can reach their end goal of encrypting data or exfiltrating information.
  • Reduce burden on SOC analysts: Eliminate the need for SOC analysts to manually triage alerts, analyze attack sequences and determine mitigation strategies. It handles this automatically, freeing up analysts to focus on other security priorities.
  • Avoid business impact: Incident Prediction identifies specific, granular attacker behaviors to block, limiting the impact on normal business processes. Common but crude mitigation measures that disrupt business, such as quarantining machines, shutting down the network, removing user access, or reimaging machines, are largely unnecessary.
  • Reduce attack surface: Enhance Symantec Adaptive Protection, which identifies and recommends blocking low-prevalence applications and behaviors to proactively shrink the attack surface. It helps close the “doors” to attackers and their common attack techniques.

The use of legitimate software by cybercriminals, the approach used in LOTL attacks, is on the rise. According to “Ransomware 2025: A Resilient and Persistent Threat,” a new report by the Symantec Threat Hunter Team, LOTL attacks are used by nearly all ransomware actors. Nation-state actors also use them to conduct surveillance or exfiltrate data. And large organizations are not the only victims – mid-market businesses increasingly are targeted. Instead of re-imaging the whole machine or changing everyone’s credentials when an attack is discovered, security professionals can use Incident Prediction to have more granular control over their security by blocking only the attacker’s most likely behaviors to reduce the risk of business disruption and enable a streamlined incident response – as attacks happen – all without additional cost.

“Broadcom is focused on providing enterprise-grade security for all organizations, whether they have a mature SOC or a small security team. Incident Prediction delivers on this commitment – organizations can enhance SOC capabilities regardless of sophistication,” said Jason Rolleston, Vice President and General Manager, Enterprise Security Group, Broadcom. “Today, every organization needs to empower their security teams to become faster, stronger and more resilient against highly sophisticated APT groups. With Incident Prediction, they now have an automated system that can flag, act and help protect against cyberattacks – as they happen – faster and more cost-effectively.”

See Us At RSAC™ 2025 Conference

Broadcom is a Gold Sponsor of RSAC™ 2025 Conference, which will take place April 28 – May 1, 2025 at the Moscone Center in San Francisco. Broadcom will be demonstrating innovations from Symantec and Carbon Black at booth N-5345 in the North Expo. In addition, Broadcom executives will be speaking at the event. Arnaud Taddei, Global Security Strategist, Broadcom, and Roelof du Toit, Distinguished Engineer, Broadcom, will present “ECH: Hello to Enhanced Privacy or Goodbye to Visibility?” on Monday, April 28th from 10:50 AM to 11:40 AM PT. In addition, Eric Chien, Fellow, Symantec Threat Hunter Team, Broadcom, and Jason Rolleston, Vice President & General Manager, Enterprise Security Group, Broadcom, will present “Under Siege: How APTs and Nation-States Are Coming for Everyone” on Tuesday, April 29th from 2:25 PM to 3:15 PM PT.

Pricing and Availability

Incident Prediction is available now as a new feature for Adaptive Protection, which is part of Symantec Endpoint Security Complete (SES-C), at no additional cost to current SES-C customers. SES-C is one of the most integrated endpoint security platforms on the planet and delivers cloud-based protection with AI-guided security management, all on a single agent/console architecture.

About Broadcom

Broadcom Inc. (NASDAQ: AVGO) is a global technology leader that designs, develops, and supplies a broad range of semiconductor, enterprise software and security solutions. Broadcom's category-leading product portfolio serves critical markets including cloud, data center, networking, broadband, wireless, storage, industrial, and enterprise software. Our solutions include service provider and enterprise networking and storage, mobile device and broadband connectivity, mainframe, cybersecurity, and private and hybrid cloud infrastructure. Broadcom is a Delaware corporation headquartered in Palo Alto, CA. For more information, go to www.broadcom.com.

Broadcom, the pulse logo, and Connecting everything are among the trademarks of Broadcom. The term "Broadcom" refers to Broadcom Inc., and/or its subsidiaries. Other trademarks are the property of their respective owners.

Press Contact:
Dan Mellinger
Enterprise Security Group Communications
daniel.mellinger@broadcom.com
Telephone: +1 415 572 0216


FAQ

What is Broadcom's new Incident Prediction feature for AVGO investors?

Incident Prediction is an AI-powered security capability in Symantec Endpoint Security Complete that predicts and stops cyber attacks using legitimate software, available at no extra cost to existing customers.

How does Broadcom AVGO's Incident Prediction technology work?

It uses AI trained on 500,000+ attack chains to predict attackers' next 4-5 moves, automatically implement countermeasures, and restore normal operations.

What are the main benefits of AVGO's new Incident Prediction for enterprises?

It automates threat mitigation, reduces SOC analyst workload, minimizes business disruption, and enhances attack surface reduction without additional costs.

When will Broadcom's AVGO Incident Prediction be available to customers?

The feature is immediately available as part of Symantec Endpoint Security Complete's Adaptive Protection feature set at no additional cost to current customers.