The user experience was enterprise-grade—meaning slow, clunky, and requiring dedicated training. In contrast, competitors like ZeroFox or RiskIQ (now Microsoft) offered a more fluid, modern UI. Mariana also discovered that —the ability to automatically block malicious domains via her DNS provider—required an expensive add-on integration. Out of the box, Symantec was exceptional at detection but mediocre at automated remediation .
Mariana Vasquez, the CISO of a global fintech firm called Veridian Payments , had a problem that kept her awake at night. It wasn’t the firewall. It wasn’t the endpoint detection. Those were locked down. Her problem lived in the vast, ungoverned wilderness outside her perimeter: the open web, dark web forums, mobile app stores, and social media.
She kept Symantec DRP for and executive brand impersonation , because no other vendor in her bake-off (she tested Group-IB, ZeroFox, and Proofpoint) provided the same level of adversary intelligence. Out of the box, Symantec was exceptional at
Last quarter, a sophisticated phishing kit had been sold on a Telegram channel, perfectly mimicking Veridian’s corporate login page. The attackers didn’t breach her network; they simply impersonated her brand. Customers lost $2 million before the fraud team caught on. The board’s question was brutal: “Why didn’t we know this was happening?”
After three months, Mariana presented her evaluation to the board. Her summary was brutally honest: It wasn’t the endpoint detection
For the Facebook page, Symantec used its “trusted partner” status with Meta, bypassing the standard reporting queue. The fake page was down in two hours. For the X account, it took six hours—slower, because X’s API changed after the 2023 platform overhaul, and Symantec’s integration lagged.
Fast for Tier-1 platforms (Google, Meta, Microsoft). Slower for emerging or hostile platforms (Telegram, Discord, X). with tabs for “Brand Protection
However, Mariana quickly hit the well-known pain point of post-acquisition Symantec. The interface was powerful but dense . It had been built over a decade, with tabs for “Brand Protection,” “Threat Intelligence,” “Data Loss Prevention,” and “Web Isolation.” David complained: “It feels like flying a 747 when I just need a drone. To report a fake Instagram account, I have to navigate three different modules.”