|Founded||March 1, 1982Sunnyvale, California, U.S.in|
|Revenue||US$3.34 billion (2023)|
|US$1.23 billion (2023)|
|US$1.35 billion (2023)|
|Total assets||US$15.9 billion (2023)|
|Total equity||US$2.20 billion (2023)|
Number of employees
|c. 3,700 (2023)|
|Footnotes / references|
Financials as of March 31, 2023[update]
Gen Digital Inc. (formerly Symantec Corporation and NortonLifeLock) is a multinational software company co-headquartered in Tempe, Arizona and Prague, Czech Republic. The company provides cybersecurity software and services. Gen is a Fortune 500 company and a member of the S&P 500 stock-market index. The company also has development centers in Pune, Chennai and Bangalore. Its portfolio includes Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner.
On October 9, 2014, Symantec declared it would split into two independent publicly traded companies by the end of 2015. One company would focus on security, the other on information management. On January 29, 2016, Symantec sold its information-management subsidiary, named Veritas Technologies, and which Symantec had acquired in 2004, to The Carlyle Group. On August 9, 2019, Broadcom Inc. announced they would be acquiring the Enterprise Security software division of Symantec for $10.7 billion, and the company became known as NortonLifeLock. After completing its merger with Avast in September 2022, the company adopted the name Gen Digital Inc.
1982 to 1989
Founded in 1982 by Gary Hendrix with a National Science Foundation grant, Symantec was originally focused on artificial intelligence-related projects, including a database program. Hendrix hired several Stanford University natural language processing researchers as the company's first employees.
In 1984, it became clear that the advanced natural language and database system that Symantec had developed could not be ported from DEC minicomputers to the PC. This left Symantec without a product, but with expertise in natural language database query systems and technology. As a result, later in 1984, Symantec was acquired by another, smaller software startup company, C&E Software, founded by Denis Coleman and Gordon Eubanks and headed by Eubanks. C&E Software developed a combined file management and word processing program called Q&A. Barry Greenstein, now a professional poker player, was the principal developer of the word processor component within Q&A.
The merged company retained the name Symantec. Eubanks became its chairman, Vern Raburn, the former president of the original Symantec, remained as president of the combined company. The new Symantec combined the file management and word processing functionality that C&E had planned, and added an advanced Natural Language query system (designed by Gary Hendrix and engineered by Dan Gordon) that set new standards for ease of database query and report generation. The natural language system was named "The Intelligent Assistant". Turner chose the name of Q&A for Symantec's flagship product, in large part because the name lent itself to use in a short, easily merchandised logo. Brett Walter designed the user interface of Q&A (Brett Walter, director of product management). Q&A was released in November 1985.
In 1986, Vern Raburn and Gordon Eubanks swapped roles, and Eubanks became CEO and president of Symantec, while Raburn became its chairman. After this change, Raburn had little involvement with Symantec, and in a few years, Eubanks added chairmanship to his other roles. After a slow start for sales of Q&A in the fall of 1985 and spring of 1986, Rod Turner, a Symantec Sr. Executive, signed up a new advertising agency called Elliott/Dickens, embarked on an aggressive new advertising campaign, and came up with the "Six Pack Program" in which all Symantec employees, regardless of role, went on the road, training and selling nationwide in the United States. Turner named it Six Pack because employees were to work six days a week, see six dealerships per day, train six sales representatives per store and stay with friends free or at Motel 6. Simultaneously, a promotion was run jointly with SofSell (which was Symantec's exclusive wholesale distributor in the United States for the first year that Q&A was on the market). This promotion was very successful in encouraging dealers to try Q&A.
During this time, Symantec was advised by its board members Jim Lally and John Doerr that if it would cut its expenses and grow revenues enough to achieve cash flow break-even, then Kleiner, Perkins, Caufield & Byers would back the company in raising more venture capital. To accomplish this, the management team worked out a salary reduction schedule where the chairman and the CEO would take zero pay, all vice presidents would take a 50% pay cut, and all other employees' pay was cut by 15%. Two employees were laid off. Eubanks also negotiated a sizable rent reduction on the office space the company had leased in the days of the original Symantec. These expense reductions, combined with strong international sales of Q&A, enabled the company to attain break-even.
The significantly increased traction for Q&A from this re-launch grew Symantec's revenues substantially, along with early success for Q&A in international markets (uniquely a German version was shipped three weeks after the United States version, and it was the first software in the world that supported German Natural Language) following Turner's having emphasized establishing international sales distribution and multiple language versions of Q&A from the initial shipment.
In 1985, Rod Turner negotiated the publishing agreement with David Whitney for Symantec's second product, which Turner named NoteIt (an annotation utility for Lotus 1-2-3). It was evident to Turner that NoteIt would confuse the dealer channel if it was launched under the Symantec name because Symantec had built up interest by that stage in Q&A (but not yet shipped it), and because the low price for the utility would not be initially attracted to the dealer channel until demand had been built up. Turner felt that the product should be marketed under a unique brand name.
Turner and Gordon E. Eubanks Jr., then chairman of Symantec Corporation, agreed to form a new division of Symantec, and Eubanks delegated the choice of name to Turner. Turner chose the name Turner Hall Publishing, to be a new division of Symantec devoted to publishing third-party software and hardware. The objective of the division was to diversify revenues and accelerate the growth of Symantec. Turner chose the name Turner Hall Publishing, using his last name and that of Dottie Hall (Director of Marketing Communications) to convey the sense of a stable, long-established, company. Turner Hall Publishing's first offering was Note-It, a notation utility add-in for Lotus 1-2-3, which was developed by David Whitney, and licensed to Symantec. Its second product was the Turner Hall Card, which was a 256k RAM, half slot memory card, initially made to inexpensively increase the available memory for Symantec's flagship product, Q&A. The Turner Hall division also marketed the card as a standalone product. Turner Hall's third product, also a 1-2-3 add-in was SQZ! a Lotus 1-2-3 spreadsheet compression utility developed by Chris Graham Synex Systems. In the summer of 1986 Eubanks and Turner recruited Tom Byers from Digital Research, to expand the Turner Hall Publishing product family and lead the Turner Hall effort.
By the winter of 1986–87, the Turner Hall Publishing division had achieved success with NoteIt, the Turner Hall Card and SQZ!. The popularity of these products, while contributing a relatively small portion of revenues to Symantec, conveyed the impression that Symantec was already a diversified company, and indeed, many industry participants were under the impression that Symantec had acquired Turner Hall Publishing. In 1987, Byers recruited Ted Schlein into the Turner Hall Product Group to assist in building the product family and in marketing.
Revenues from Q&A, and Symantec's early launch into the international marketplace, combined with Turner Hall Publishing, generated the market presence and scale that enabled Symantec to make its first merger/acquisition, in February 1987, that of Breakthrough Software, maker of the TimeLine project management software for DOS. Because this was the first time that Symantec had acquired a business that had revenues, inventory, and customers, Eubanks chose to change nothing at BreakThrough Software for six months, and the actual merger logistics started in the summer of 1987, with Turner being appointed by Eubanks as general manager of the TimeLine business unit, Turner was made responsible for the successful integration of the company into Symantec and ongoing growth of the business, with P&L. There was a heavy emphasis placed on making the minimum disruption by Eubanks and Turner.
Soon after the acquisition of TimeLine/Breakthrough Software, Eubanks reorganized Symantec, structuring the company around product-centric groups, each having its development, quality assurance, technical support, and product marketing functions, and a general manager with profit and loss responsibility. Sales, finance, and operations were centralized functions that were shared. This structure lent itself well to Symantec's further growth through mergers and acquisitions. Eubanks made Turner general manager of the new TimeLine Product Group, and simultaneously of the Q&A Product Group, and made Tom Byers general manager of the Turner Hall Product Group. Turner continued to build and lead the company's international business and marketing for the whole company.
At the TimeLine Product Group, Turner drove strong marketing, promotion and sales programs to accelerate momentum. By 1989 this merger was very successful—product group morale was high, TimeLine development continued apace, and the increased sales and marketing efforts applied built the TimeLine into the clear market lead in PC project management software on DOS. Both the Q&A and TimeLine product groups were healthily profitable. The profit stream and merger success set the stage for subsequent merger and acquisition activity by the company, and indeed funded the losses of some of the product groups that were subsequently acquired. In 1989, Eubanks hired John Laing as VP worldwide sales, and Turner transferred the international division to Laing. Eubanks also recruited Bob Dykes to be executive vice president for operations and finance, in anticipation of the upcoming IPO. On June 23, 1989 Symantec had its IPO.
1990 to 1999
In May 1990, Symantec announced its intent to merge with and acquire Peter Norton Computing, a developer of various utilities for DOS. Turner was appointed as product group manager for the Norton business, and made responsible for the merger, with P&L responsibility. Ted Schlein was made product group manager for the Q&A business.
The Peter Norton group merger logistical effort began immediately while the companies sought approval for the merger, and in August 1990, Symantec concluded the purchase—by this time the combination of the companies was already complete. Symantec's consumer antivirus and data management utilities are still marketed under the Norton name. At the time of the merger, Symantec had built upon its Turner Hall Publishing presence in the utility market, by introducing Symantec Antivirus for the Macintosh (SAM), and Symantec Utilities for the Macintosh (SUM). These two products were already market leaders on the Mac, and this success made the Norton merger more strategic. Symantec had already begun the development of a DOS-based antivirus program one year before the merger with Norton. The management team had decided to enter the antivirus market in part because it was felt that the antivirus market entailed a great deal of ongoing work to stay ahead of new viruses. The team felt that Microsoft would be unlikely to find this effort attractive, which would lengthen the viability of the market for Symantec. Turner decided to use the Norton name for obvious reasons, on what became the Norton Antivirus, which Turner and the Norton team launched in 1991. At the time of the merger, Norton revenues were approximately 20 to 25% of the combined entity. By 1993, while being led by Turner, Norton product group revenues had grown to approximately 82% of Symantec's total.
At one time Symantec was also known for its development tools, particularly the THINK Pascal, THINK C, Symantec C++, Enterprise Developer and Visual Cafe packages that were popular on the Macintosh and IBM PC compatible platforms. These product lines resulted from acquisitions made by the company in the late 1980s and early 1990s. These businesses and the Living Videotext acquisition were consistently unprofitable for Symantec, and these losses diverted expenditures away from both the Q&A for Windows and the TimeLine for Windows development efforts during the critical period from 1988 through 1992. Symantec exited this business in the late-1990s as competitors such as Metrowerks, Microsoft and Borland gained significant market share.
2000 to present
From 1999 to April 2009, Symantec was led by CEO John W. Thompson, a former VP at IBM. At the time, Thompson was the only African-American leading a major US technology company. He was succeeded in April 2009 by the company's long-time Symantec executive Enrique Salem. Under Salem, Symantec completed the acquisition of Verisign's Certificate Authority business, dramatically increasing their share of that market.
Salem was abruptly fired in 2012 for disappointing earnings performance and replaced by Steve Bennett, a former CEO of Intuit and GE executive. In January 2013, Bennett announced a major corporate reorganization, with the goal of reducing costs and improving Symantec's product line. He said that sales and marketing "had been high costs but did not provide quality outcomes". He concluded that "Our system is just broken".
Robert Enderle of CIO.com reviewed the reorganization and noted that Bennett was following the General Electric model of being product-focused instead of customer-focused. He concluded "Eliminating middle management removes a large number of highly paid employees. This will tactically improve Symantec's bottom line but reduce the skills needed to ensure high-quality products in the long term."
In March 2014, Symantec fired Steve Bennett from his CEO position and named Michael Brown as interim president and chief executive. Including the interim CEO, Symantec has had 3 CEOs in less than two years. On September 25, 2014, Symantec announced the appointment of Michael A. Brown as its president and chief executive officer. Brown had served as the company's interim president and chief executive officer since March 20, 2014. Mr. Brown has served as a member of the company's board of directors since July 2005 following the acquisition of VERITAS Software Corporation. Mr. Brown had served on the VERITAS board of directors since 2003.
In July 2016, Symantec introduced a product to help carmakers protect connected vehicles against zero-day attacks. The Symantec Anomaly Detection for Automotive is an IoT product for manufacturers and uses machine learning to provide in-vehicle security analytics. Greg Clark assumed the position of CEO in August 2016.
In August 2017, Symantec announced that it had agreed to sell its business unit that verifies the identity of websites to Thoma Bravo. With this acquisition, Thoma Bravo plans to merge the Symantec business unit with its own web certification company, DigiCert.
In August 2018, Symantec announced that the hedge fund Starboard Value had put forward five nominees to stand for election to the Symantec board of directors at Symantec's 2018 Annual Meeting of Stockholders. This followed a Schedule 13D filing by Starboard showing that it had accumulated a 5.8% stake in Symantec. In September 2018, Symantec announced that three nominees of Starboard were joining the Symantec board, two with immediate effect (including Starboard Managing Member Peter Feld) and one following the 2018 Annual Meeting of Stockholders.
On May 9, 2019, Symantec announced that Clark would be stepping down and that board member Rick Hill, previously put forward by Starboard, had been appointed interim president and CEO. Vincent Pilette also joined Symantec as its new CFO.
On August 9, 2019, Broadcom announced they would be acquiring the Enterprise software division of Symantec for $10.7 billion. This is after having attempted to purchase the whole company. The Norton family of products will remain in the Symantec portfolio. The sale closed on November 4, 2019, and subsequently, the company adopted the NortonLifeLock name and relocated its headquarters from Mountain View, California to LifeLock's offices in Tempe, Arizona.
In 2021, a crypto-miner was added to the Norton 360 product, called Norton Crypto. Once activated by the user, Norton Crypto mines Ethereum (ETH) using the installed machine's graphics card while idle. The program also creates a secure wallet on the same machine. Norton announced it was permanently disabling the feature on September 14, 2022, due to the Ethereum merge.
On October 9, 2014, Symantec declared that the company would separate into two independent publicly traded companies by the end of 2015. Symantec will continue to focus on security, while a new company will be established focusing on information management. Symantec confirmed on January 28, 2015, that the information management business would be called Veritas Technologies Corporation, marking a return of the Veritas name. In August 2015, Symantec agreed to sell Veritas to a private equity group led by The Carlyle Group for $8 billion. The sale was completed by February 2016, turning Veritas into a privately owned company.
Norton product line includes Norton AntiVirus, Norton Security, Norton Small Business, Norton Family, Norton Mobile Security, Norton Online Backup, Norton 360, Norton Utilities and Norton Computer Tune Up. Norton's line also includes LifeLock and ReputationDefender.
In 2012, PCTools iAntiVirus was rebranded as a Norton product under the name iAntivirus, and released to the Mac App Store. Also in 2012, the Norton Partner Portal was relaunched to support sales to consumers throughout the EMEA technologies.
Avast product line includes Avast Antivirus, Avast Premium Security, Avast Cleanup, Avast Secure Browser, and Avast SecureLine VPN. As of 2017, it is the most popular antivirus vendor on the market and it had the largest market share.
AVG product line includes AVG AntiVirus, AVG Internet Security, AVG Secure VPN, AVG PC TuneUp, and AVG Driver Updater. Previously a publicly company in February 2012, it was acquired by Avast in July 2016 for $1.3 billion.
Avira product line includes Avira Free Security, Avira Internet Security, Avira Prime and Avira Phantom VPN.
Mergers and acquisitions
In 1993, Symantec acquired ACT! from Contact Software International. Symantec sold ACT! to SalesLogix in 1999. At the time it was the world's most popular CRM application for Windows and Macintosh.
On December 16, 2004, Veritas Software and Symantec announced their plans for a merger. With Veritas valued at $13.5 billion, it was the largest software industry merger to date. Symantec's shareholders voted to approve the merger on June 24, 2005; the deal closed successfully on July 2, 2005. July 5, 2005, was the first day of business for the U.S. offices of the new, combined software company. As a result of this merger, Symantec includes storage- and availability-related products in its portfolio, namely Veritas File System (VxFS), Veritas Volume Manager (VxVM), Veritas Volume Replicator (VVR), Veritas Cluster Server (VCS), NetBackup (NBU), Backup Exec (BE) and Enterprise Vault (EV).
On August 16, 2005, Symantec acquired Sygate, a security software firm based in Fremont, California, with about 200 staff. As of November 30, 2005, all Sygate personal firewall products were discontinued.
On January 29, 2007, Symantec announced plans to acquire Altiris, and on April 6, 2007, the acquisition was completed. Altiris specializes in service-oriented management software that allows organizations to manage IT assets. It also provides software for web services, security and systems management products. Established in 1998, Altiris is headquartered in Lindon, Utah.
On November 5, 2007, Symantec announced its acquisition of Vontu, a Data Loss Prevention (DLP) company, for $350 million.
Application Performance Management business
On January 17, 2008, Symantec announced that it was spinning off its Application Performance Management (APM) business and the i3 product line to Vector Capital. Precise Software Solutions took over development, product management, marketing and sales for the APM business, launching as an independent company on September 17, 2008.
On August 18, 2008, Symantec announced the signing of an agreement to acquire PC Tools. Under the agreement, PC Tools would maintain separate operations. The financial terms of the acquisition were not disclosed. In May 2013, Symantec announced they were discontinuing the PC Tools line of internet security software.
In December 2013, Symantec announced they were discontinuing and retiring the entire PC Tools brand and offering a non-expiring license to PC Tools Performance Toolkit, PC Tools Registry Mechanic, PC Tools File Recover and PC Tools Privacy Guardian users with an active subscription as of December 4, 2013.
On April 18, 2008, Symantec completed the acquisition of AppStream, Inc. ("AppStream"), a nonpublic Palo Alto, California-based provider of endpoint virtualization software. AppStream was acquired to complement Symantec's endpoint management and virtualization portfolio and strategy.
On October 9, 2008, Symantec announced its intent to acquire Gloucester-based MessageLabs (spun off from Star Internet in 2007) to boost its Software-as-a-Service (SaaS) business. Symantec purchased the online messaging and Web security provider for about $695 million in cash. The acquisition closed on November 17, 2008.
PGP and GuardianEdge
On April 29, 2010, Symantec announced its intent to acquire PGP Corporation and GuardianEdge. The acquisitions closed on June 4, 2010, and provided access to established encryption, key management and technologies to Symantec's customers.
On May 19, 2010, Symantec signed a definitive agreement to acquire Verisign's authentication business unit, which included the Secure Sockets Layer (SSL) Certificate, Public Key Infrastructure (PKI), Verisign Trust and Verisign Identity Protection (VIP) authentication services. The acquisition closed on August 9, 2010. In August 2012, Symantec completed its rebranding of the Verisign SSL Certificate Service by renaming the Verisign Trust Seal the Norton Secured Seal. Symantec sold the SSL unit to Digicert for US$950 million in mid 2017.
Acquired on October 10, 2010, RuleSpace is a web categorisation product first developed in 1996. The categorisation is, automated using what Symantec refers to as the Automated Categorization System (ACS). It is used as the base for content filtering by many UK ISP.
On May 19, 2011, Symantec announced the acquisition of Clearwell Systems for approximately $390 million.
On January 17, 2012, Symantec announced the acquisition of cloud email-archiving company LiveOffice. The acquisition price was $115 million. Last year,[ambiguous] Symantec joined the cloud storage and backup sector with its Enterprise Vault.cloud and Cloud Storage for Enterprise Vault software, in addition to a cloud messaging software, Symantec Instant Messaging Security cloud (IMS.cloud). Symantec stated that the acquisition would add to its information governance products, allowing customers to store information on-premises, in Symantec's data centers, or both.
On March 2, 2012, Symantec completed the acquisition of Odyssey Software. Odyssey Software's main product was Athena, which was device management software that extended Microsoft System Center software, adding the ability to manage, support and control mobile and embedded devices, such as smartphones and ruggedized handhelds.
Symantec completed its acquisition of Nukona, a provider of mobile application management (MAM), on April 2, 2012. The acquisition agreement between Symantec and Nukona was announced on March 20, 2012.
In May 2014 Symantec acquired NitroDesk, provider of TouchDown, the market-leading third-party EAS mobile application.
Blue Coat Systems
In August 2021, NortonLifelock agreed to merge with Czech cybersecurity software company Avast. The UK Competition and Markets Authority formally cleared the $8.1 billion merger on September 2, 2022. The company subsequently adopted the name Gen Digital.
Security concerns and controversies
The arrival of the year 2010 triggered a bug in Symantec Endpoint. Symantec reported that malware and intrusion protection updates with "a date greater than December 31, 2009, 11:59 pm [were] considered to be 'out of date.'" The company created and distributed a workaround for the issue.
Scan evasion vulnerability
In March 2010, it was reported that Symantec AntiVirus and Symantec Client Security were prone to a vulnerability that might allow an attacker to bypass on-demand virus scanning, and permit malicious files to escape detection.
Denial-of-service attack vulnerabilities
In January 2011, multiple vulnerabilities in Symantec products that could be exploited by a denial-of-service attack, and thereby compromise a system, were reported. The products involved were Symantec AntiVirus Corporate Edition Server and Symantec System Center.
The November 12, 2012 Vulnerability Bulletin of the United States Computer Emergency Readiness Team (US-CERT) reported the following vulnerability for older versions of Symantec's Antivirus system: "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."
The problem relates to older versions of the systems and a patch is available. US-CERT rated the seriousness of this vulnerability as a 9.7 on a 10-point scale. The "decomposer engine" is a component of the scanning system that opens containers, such as compressed files, so that the scanner can evaluate the files within.
In January 2012, James Gross filed a lawsuit against Symantec for distributing fake scareware scanners that purportedly alerted users of issues with their computers. Gross claimed that after the scan, only some of the errors and problems were corrected, and he was prompted by the scanner to purchase a Symantec app to remove the rest. Gross claimed that he bought the app, but it did not speed up his computer or remove the detected viruses. He hired a digital forensics expert to back up this claim. Symantec denied the allegations and said that it would contest the case. Symantec settled a $11 million fund (up to $9 to more than 1 million eligible customers representing the overpaid amount for the app) and the case was dismissed in court.
Source code theft
On January 17, 2012, Symantec disclosed that its network had been hacked. A hacker known as "Yama Tough" had obtained the source code for some Symantec software by hacking an Indian government server. Yama Tough released parts of the code and threatened to release more. According to Chris Paden, a Symantec spokesman, the source code that was taken was for Enterprise products that were between five and six years old.
On September 25, 2012, an affiliate of the hacker group Anonymous published source code from Norton Utilities. Symantec confirmed that it was part of the code that had been stolen earlier, and that the leak included code for 2006 versions of Norton Utilities, pcAnywhere and Norton Antivirus.
Verisign data breach
In February 2012, it was reported that Verisign's network and data had been hacked repeatedly in 2010, but that the breaches had not been disclosed publicly until they were noted in an SEC filing in October 2011. Verisign did not provide information about whether the breach included its certificate authority business, which was acquired by Symantec in late 2010. Oliver Lavery, director of security and research for nCircle, asked rhetorically, "Can we trust any site using Verisign SSL certificates? Without more clarity, the logical answer is no."
On February 17, 2012, details of an exploit of pcAnywhere were posted. The exploit would allow attackers to crash pcAnywhere on computers running Windows. Symantec released a hotfix for the issue twelve days later.
Hacking of The New York Times network
According to Mandiant, Symantec security products used by The New York Times detected only one of 45 pieces of malware that were installed by Chinese hackers on the newspaper's network during three months in late 2012. Symantec responded:
"Advanced attacks like the ones the New York Times described in the following article, <http://nyti.ms/TZtr5z>, underscore how important it is for companies, countries and consumers to make sure they are using the full capability of security solutions. The advanced capabilities in our [E]ndpoint offerings, including our unique reputation-based technology and behavior-based blocking, specifically target sophisticated attacks. Turning on only the signature-based anti-virus components of [E]ndpoint solutions alone [is] not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough".
Intellectual Ventures suit
In February 2015, Symantec was found guilty of two counts of patent infringement in a suit by Intellectual Ventures Inc and ordered to pay $17 million in compensation and damages, In September 2016, this decision was reversed on appeal by the Federal Circuit.
Sustaining digital certificate security
On September 18, 2015, Google notified Symantec that the latter issued 23 test certificates for five organizations, including Google and Opera, without the domain owners' knowledge. Symantec performed another audit and announced that an additional 164 test certificates were mis-issued for 76 domains and 2,458 test certificates were mis-issued for domains that had never been registered. Google requested that Symantec update the public incident report with proven analysis explaining the details on each of the failures.
The company was asked to report all the certificates issued to the Certificate Transparency log henceforth. Symantec has since reported implementing Certificate Transparency for all its SSL Certificates. Above all, Google has insisted that Symantec execute a security audit by a third party and to maintain tamper-proof security audit logs.
Google and Symantec clash on website security checks
On March 24, 2017, Google stated that it had lost confidence in Symantec, after the latest incident of improper certificate issuance. Google says millions of existing Symantec certificates will become untrusted in Google Chrome over the next 12 months. According to Google, Symantec partners issued at least 30,000 certificates of questionable validity over several years, but Symantec disputes that number. Google said Symantec failed to comply with industry standards and could not provide audits showing the necessary documentation.
Google's Ryan Sleevi said that Symantec partnered with other CAs (CrossCert (Korea Electronic Certificate Authority), Certisign Certificatadora Digital, Certsuperior S. de R. L. de C.V., and Certisur S.A.) who did not follow proper verification procedures leading to the misissuance of certificates.
Following discussions in which Google had required that Symantec migrate Symantec-branded certificate issuance operations a non-Symantec-operated "Managed Partner Infrastructure", a deal was announced whereby DigiCert acquired Symantec's website security business. In September 2017, Google announced that starting with Chrome 66, "Chrome will remove trust in Symantec-issued certificates issued prior to June 1, 2016". Google further stated that "by December 1, 2017, Symantec will transition issuance and operation of publicly-trusted certificates to DigiCert infrastructure, and certificates issued from the old Symantec infrastructure after this date will not be trusted in Chrome." Google predicted that toward the end of October, 2018, with the release of Chrome 70, the browser would omit all trust in Symantec's old infrastructure and all of the certificates it had issued, affecting most certificates chaining to Symantec roots. Mozilla Firefox planned to distrust Symantec-issued certificates in Firefox 63 (released on October 23, 2018), but delivered the change in Firefox 64 (released on December 11, 2018). Apple has also planned to distrust Symantec root certificates. Subsequently, Symantec exited the TLS/SSL segment by selling the SSL unit to Digicert for $950 million in mid 2017.
Columbia patent-infringement lawsuit
In May 2022, Columbia University won $185 million judgement against NortonLifeLock Inc. in a patent-infringement lawsuit. The jury found that Norton willfully infringed the patents related to antivirus fighting malware.
- Comparison of antivirus software
- Comparison of computer viruses
- Huawei Symantec, a joint venture between Huawei and Symantec
- Web blocking in the United Kingdom - Technologies
- Symantec behavior analysis technologies SONAR and AntiBot
- Symantec Online Backup
- "FY2023 Annual Report". U.S. Securities and Exchange Commission. May 25, 2023. pp. 10, 42–43.
- Bray, Chad (August 11, 2015). "Carlyle Group and Other Investors to Acquire Veritas Technologies for $8 Billion". The New York Times. ISSN 0362-4331. Retrieved April 21, 2020.
- Kuranda, Sarah (January 29, 2016). "Partners Cheer the Official Closing Date of Symantec Split". CRN. Retrieved February 21, 2016.
- "Cyber-security firm, headquarters moved to Arizona, selling 10 California buildings". Press Enterprise. January 15, 2020. Retrieved May 23, 2020.
- "NortonLifeLock, Avast debut new 'Gen' identity". ComputerWeekly.com. Retrieved November 16, 2022.
- Slaughter, Sandra A. (2014). A Profile of the Software Industry: Emergence, Ascendance, Risks, and Rewards. 2014 digital library. New York: Business Expert Press. p. 69. ISBN 978-1-60649-655-8. OCLC 886114400. Retrieved March 24, 2017.
- Springer, Paul J. (2015). Cyber Warfare: A Reference Handbook: A Reference Handbook. Contemporary World Issues. ABC-CLIO. p. 193. ISBN 978-1-61069-444-5. OCLC 1002294935. Retrieved March 24, 2017.
- Jones, Capers (2014). The Technical and Social History of Software Engineering. Addison-Wesley. p. 198. ISBN 978-0-321-90342-6. OCLC 868058641. Retrieved March 24, 2017.
- "From the News Desk". InfoWorld. September 14, 1984. p. 9.
- AI Trends. DM Data, Incorporated. 1985. Retrieved March 24, 2017.
- Jones, C. (2014). The Technical and Social History of Software Engineering. Addison-Wesley. p. 199. ISBN 978-0-321-90342-6. Retrieved March 24, 2017.
- "Gordon Eubanks Oral History, Computerworld Honors Program, Daniel S. Morrow, November 8, 2000". Retrieved November 9, 2010.
- "RasterOps-Truevison adds two industry leaders to board of directors; company names Walter W., Tuesday, March 21, 1995". Business Wire. Archived from the original on March 28, 2009. Retrieved November 9, 2010.
- U.S. "Symantec". Answers.com. Retrieved November 9, 2010.
- "Company Histories: Symantec Corporation, Funding Universe". Fundinguniverse.com. Retrieved November 9, 2010.
- "Hendren and Associates". Hendrenet.com. Archived from the original on July 11, 2011. Retrieved November 9, 2010.
- "About Symantec - Corporate Information". January 26, 2002. Archived from the original on January 26, 2002. Retrieved November 11, 2022.
- "Class action suit filed against Symantec Corporation and its officers and directors alleging misrepresentations, false financial statements and insider trading". Business Wire. August 14, 1996. Archived from the original on May 17, 2017. Retrieved July 12, 2013.
- "Enrique Salem". 2012. Archived from the original on December 20, 2012. Retrieved June 11, 2013.
- Parrish, Kevin (August 21, 2009). "Symantec Lists 100 Dirtiest Websites". Tom's Guide.
- Collins, Barry (November 30, 2009). "Symantec reveals the 100 dirtiest sites on the web". Alphr.
- Finkle, Jim (July 25, 2012). "Symantec fires CEO, successor begins turnaround effort". Reuters. Retrieved July 11, 2013.
- Messmer, Ellen (January 24, 2013). "Symantec CEO on reorg: 'our system is just broken'". Computerworld. Retrieved June 7, 2015.
- Enderle, Rob (January 25, 2013). "Symantec Reorganization Offers a Lesson on Knowing When to Leave". CIO. Archived from the original on October 22, 2013. Retrieved June 7, 2015.
- Schwartz, Mathew (March 21, 2004). "Symantec Fires CEO In Surprise Move". Dark Reading. Retrieved June 7, 2015.
- Yadron, Danny; Lublin, Joann S. (March 20, 2014). "Symantec Fires CEO Steve Bennett". Wall Street Journal. ISSN 0099-9660. Retrieved April 16, 2017.
- Stynes, Tess (September 25, 2014). "Symantec Appoints Brown as CEO". Wall Street Journal. ISSN 0099-9660. Retrieved May 29, 2017.
- "UPDATE 2-Symantec fires CEO Bennett". Reuters. March 20, 2014. Retrieved May 29, 2017.
- "Symantec Appoints Michael A. Brown CEO". Symantec Press Release. Retrieved June 7, 2015.
- News18.com. "Symantec Launches New System to Protect Connected Vehicles From Hack Attacks." July 14, 2016. July 14, 2016.
- Henderson, James (June 13, 2016). "Aussie takes charge as Symantec closes in on $4.6 billion Blue Coat buyout". ARN. Retrieved April 4, 2017.
- Molina, Brett (November 21, 2016). "Symantec to acquire LifeLock for $2.3B". USA Today. Retrieved November 21, 2016.
- Reuters. "Symantec Plans to Sell This Business for Nearly $1 Billion." August 2, 2017. August 29, 2017.
- VanillaPlus. "BT and Symantec partner to provide best-in-class endpoint security protection]". January 4, 2018. Retrieved January 5, 2018.
- Salinas, Sara (May 11, 2018). "Symantec suffers worst day in 17 years after news of internal audit". CNBC. Retrieved September 13, 2018.
- Reisinger, Don (May 11, 2018). "Symantec Is Conducting an Mysterious Internal Investigation as shares take a tumble". Fortune. Retrieved September 13, 2018.
- "Symantec says annual report may be delayed due to investigation". Reuters. May 10, 2018. Retrieved September 13, 2018.
- "Gen Investor Relations - Investor Relations". investor.gendigital.com. Retrieved May 9, 2023.
- "Starboard eyes Symantec board seats after taking stake". Reuters. August 16, 2018. Retrieved May 9, 2023.
- "Symantec names three Starboard nominees to board". Reuters. September 17, 2018. Retrieved May 9, 2023.
- Wiles, Russ. "Cybersecurity company, now based in Tempe, pays special $8 billion dividend". azcentral. Retrieved May 23, 2020.
- "Norton 360 Now Comes With a Cryptominer – Krebs on Security". January 11, 2022. Retrieved January 30, 2022.
- Clark, Mitchell (January 7, 2022). "Here's the truth about the crypto miner that comes with Norton Antivirus". The Verge. Retrieved August 23, 2022.
- "NortonLifeLock to End Antivirus Crypto-Mining Due to Ethereum Merge". PCMAG. Retrieved September 21, 2022.
- "Symantec latest company to split in two". BBC News. October 10, 2014. Retrieved February 17, 2015.
- Brown, Michael. "New Veritas Name Blends our History and Vision for Tomorrow's Data Challenges". Symantec. Retrieved January 28, 2015.
- Corporate press release, Symantec and Veritas separation (PDF), archived from the original (PDF) on November 30, 2016, retrieved February 15, 2016
- "AVAST Software s.r.o.: Private Company Information". Bloomberg. Retrieved November 26, 2022.
- McMillan, Robert (July 7, 2016). "Avast Software to Buy AVG Technologies for $1.3 Billion". WSJ. Retrieved November 26, 2022.
- Darrow, Barbara (December 7, 1999). "Symantec To Sell ACT To SalesLogix". CRN.com. Archived from the original on June 27, 2012. Retrieved March 30, 2011.
- Lee, Dan (August 18, 2014). "2004: Symantec to buy Veritas for $13.5 billion". The Mercury News. Retrieved March 25, 2017.
- Flynn, Laurie J. (June 25, 2005). "Shareholders Approve Symantec-Veritas Software Merger". The New York Times. ISSN 0362-4331. Retrieved March 25, 2017.
- Das, Sejuti (June 15, 2016). "Symantec's on a roll: 15 merger and acquisition deals you need to know". ChannelWorld India. Archived from the original on November 15, 2018. Retrieved March 25, 2017.
- Roberts, Paul F. (August 16, 2005). "Symantec Acquires Endpoint-Security Company Sygate". eWEEK. Retrieved March 25, 2017.
- Savvides, Lexy (November 29, 2005). "Symantec scraps Sygate consumer firewall". CNET. Retrieved March 25, 2017.
- Finkle, Jim (January 29, 2007). "Symantec to acquire Altiris in $830 mln deal". Reuters. Retrieved March 25, 2017.
- "Symantec Completes Acquisition of Altiris". PC World (press release). April 10, 2007. Archived from the original on December 5, 2022. Retrieved March 25, 2017.
- Computerworld (in German). IDG Enterprise. February 3, 1997. p. 69. Retrieved May 29, 2017.
- "UPDATE 1-Symantec says to acquire Vontu for $350 million". Reuters. November 5, 2007. Retrieved March 25, 2017.
- "Symantec to Sell Application Performance Management Business to Vector Capital". Symantec.com. Archived from the original on December 30, 2008. Retrieved November 9, 2010.
- Dubie, Denise (January 18, 2008). "Symantec dumps application performance management business". Network World. Retrieved April 16, 2017.
- "The new Precise to redefine application performance management". precise.com. Archived from the original on September 28, 2010. Retrieved April 7, 2011.
- "Download PC Performance & Computer Registry Software | PC Tools by Symantec". Pctools.com. May 18, 2013. Retrieved July 11, 2013.
- "Download PC Performance & Computer Registry Software | PC Tools by Symantec". Pctools.com. December 4, 2013. Retrieved January 15, 2014.
- "AppStream Purchase for Symantec (SYMC)". Archived from the original on September 11, 2015. Retrieved September 18, 2017.
- Stafford, Philip (October 9, 2008). "MessageLabs sold to Symantec for £397m". Financial Times. Archived from the original on December 10, 2022. Retrieved March 25, 2017.
- "Symantec Acquires MessageLabs: Bolsters SaaS Messaging Security Offerings". Enterprise Management Associates (EMA), an IT analyst firm. November 17, 2008. Retrieved March 25, 2017.
- Messmer, Ellen (April 29, 2010). "Symantec buying PGP Corp., GuardianEdge for $370 million". Network World. Retrieved March 25, 2017.
- Termanini, R. (2016). The Cognitive Early Warning Predictive System Using the Smart Vaccine: The New Digital Immunity Paradigm for Smart Cities and Critical Infrastructure. CRC Press. p. 85. ISBN 978-1-4987-2653-5. Retrieved March 25, 2017.
- "VeriSign Rebrands To Norton - Get Norton Secured Seal For Your Site". Trustico.com. April 15, 2012. Archived from the original on July 29, 2013. Retrieved July 11, 2013.
- Sayer, Peter (August 3, 2017). "How Symantec solved browser trust issue for its SSL certificates". CSO Online. Retrieved May 23, 2020.
- Kaplan, Dan (October 20, 2010). "Symantec buys RuleSpace for URL filtering technology". SC Magazine US. Retrieved March 25, 2017.
- "Symantec buys data experts Clearwell for $390 million". Reuters. May 19, 2011. Archived from the original on March 26, 2017. Retrieved March 25, 2017.
- Dignan, Larry (January 17, 2012). "Symantec picks up LiveOffice for $115 million, bolsters cloud archiving". ZDNet. Retrieved March 25, 2017.
- Kirk, Jeremy (January 16, 2012). "Symantec Acquires LiveOffice Cloud-Based Archiving Company". CIO. Retrieved April 16, 2017.
- Howley, Daniel P. (July 17, 2012). "Symantec Beefs Up Enterprise Mobile Security Offerings". Laptop Mag. Retrieved April 16, 2017.
- "Symantec Completes Acquisition of Nukona". Symantec. April 16, 2012. Archived from the original on March 26, 2017. Retrieved March 25, 2017.
- Messmer, Ellen (March 20, 2012). "Symantec to acquire Nukona to assist in BYOD strategy". Network World. Retrieved March 25, 2017.
- Kirk, Jeremy (May 28, 2014). "Symantec acquires NitroDesk for email security on Android". PCWorld. Retrieved March 25, 2017.
- McMillan, Robert; Cimilluca, Dana (June 13, 2016). "Symantec Set to Buy Blue Coat Systems in $4.65 Billion Deal". Wall Street Journal. ISSN 0099-9660. Retrieved June 13, 2016.
- Molina, Brett. "Symantec to acquire LifeLock for $2.3B". USA Today. No. 2016–11–21. Retrieved November 21, 2016.
- "Symantec completes acquisition of Tempe's LifeLock for $2.3B". www.bizjournals.com. Retrieved November 14, 2019.
- Lunden, Ingrid (December 7, 2020). "NortonLifeLock acquires Avira in $360M all-cash deal, 8 months after Avira was acquired for $180M". TechCrunch. Retrieved October 24, 2022.
- Sawers, Paul (September 2, 2022). "UK clears $8.1B merger between NortonLifeLock and Avast". TechCrunch. Retrieved September 21, 2022.
- "Technology Briefing | Software: Symantec Cuts Profit On Accounting Error". The New York Times. Bloomberg News. August 10, 2004. ISSN 0362-4331. Retrieved April 16, 2017.
- McMillan, Robert (August 10, 2004). "Symantec lowers earnings results after software glitch". Computerworld. Retrieved April 16, 2017.
- Greene, Tim (January 6, 2010). "Is It Y2K All Over Again in 2010?". PCWorld. Retrieved April 16, 2017.
- "Symantec AntiVirus Scan Evasion Vulnerability". Retrieved June 7, 2015.
- "Security Advisories Relating to Symantec Products - Symantec Event Manipulation Potential Scan Bypass". Retrieved June 7, 2015.
- "Multiple vulnerabilities in Symantec products". HelpNet Security. January 27, 2011. Retrieved June 7, 2015.
- "Vulnerability Summary for the Week of November 12, 2012 - US-CERT". United States Computer Emergency Readiness Team. Retrieved June 7, 2015.
- Yin, Sara (January 12, 2012). "Symantec Sued for Scareware Tactics". PC Magazine. Ziff Davis. Retrieved February 10, 2012.
- McLernon, Sean (March 18, 2013). "Symantec Inks $11M Deal Ending Claims It Used Scare Tactics". Law360. Portfolio Media.
- Breyer, Charles R. (July 31, 2012). "Filing 49: Order by Judge Charles R. Breyer granting 38 Motion to Dismiss". Gross v. Symantec Corporation – via Justia Dockets & Filings.
- Keizer, Gregg (January 17, 2012). "Symantec backtracks, admits own network hacked". Computerworld. Retrieved February 10, 2012.
- Constantin, Lucian (September 25, 2012). "Symantec: Leaked Norton Utilities 2006 source code already published months ago". PCWorld. Retrieved April 16, 2017.
- Menn, Joseph (February 2, 2012). "Key Internet operator VeriSign hit by hackers". Reuters. Retrieved April 16, 2017.
- Bradley, Tony (February 2, 2012). "VeriSign Hacked: What We Don't Know Might Hurt Us". PCWorld. Retrieved June 7, 2015.
- Albanesius, Chloe. "VeriSign Hacked Multiple Times in 2010". PC Magazine.
- Keizer, Gregg (February 23, 2012). "pcAnywhere exploit hackers could hijack 200,000 Windows PCs". ComputerworldUK. Retrieved April 16, 2017.
- "Claims by Anonymous about Symantec Source Code". Symantec. Archived from the original on September 24, 2015. Retrieved September 18, 2013.
- Perlroth, Nicole (January 31, 2013). "Hackers in China Attacked The Times for Last 4 Months". The New York Times. Retrieved June 10, 2013.
- Perlroth, Nicole (January 30, 2013). "Hackers in China Attacked The Times for Last 4 Months". The New York Times. ISSN 0362-4331. Retrieved April 21, 2020.
- "Symantec Statement Regarding New York Times Cyber Attack". Symantec Official blog.
- Robinson, Teri. "Symantec to pay $17M in damages for patent violations". SC Magazine. Retrieved June 7, 2015.
- Roberts, Jeff John (October 3, 2016). "Here's Why Software Patents Are in Peril After the Intellectual Ventures Ruling". Fortune Magazine. Retrieved October 5, 2016.
- Crouch, Dennis (October 2, 2016). "First Amendment Finally Reaches Patent Law". PatentlyO. Retrieved October 5, 2016.
- Goodin, Dan (October 29, 2015). "Still fuming over HTTPS mishap, Google makes Symantec an offer it can't refuse". Ars Technica. Retrieved April 16, 2017.
- "Google threatens action against Symantec-issued SSL certificates following botched investigation". PCWorld. Retrieved October 3, 2017.
- Constantin, Lucian (October 29, 2015). "Google threatens action against Symantec-issued SSL certificates following botched investigation". PCWorld. Retrieved April 16, 2017.
- "Google slams Symantec over Certificate Transparency trouble". SearchSecurity. April 16, 2017. Retrieved April 16, 2017.
- Constantin, Lucian (March 24, 2017). "To punish Symantec, Google may distrust a third of the web's SSL certificates". PC World. Retrieved March 24, 2017.
- Fariñas, Rafael (March 26, 2017). "Symantec loses Google's trust over fishy SSL Certificates". The USB Port. Retrieved March 26, 2017.
- "To punish Symantec, Google may distrust a third of the web's SSL certificates". PC World. Retrieved April 16, 2017.
- Goodin, Dan (March 24, 2017). "Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs". Ars Technica. Retrieved March 24, 2017.
- Cimpanu, Catalin. "Google Reducing Trust in Symantec Certificates Following Numerous Slip-Ups". Bleeping Computer. Retrieved March 24, 2017.
- Conger, Kate (March 27, 2017). "Google is fighting with Symantec over encrypting the internet". TechCrunch. Retrieved March 24, 2017.
- Fisher, Darin (July 27, 2017). "Re: [blink-dev] Intent to Deprecate and Remove: Trust in existing Symantec-issued Certificates". firstname.lastname@example.org Google Group.
- Merrill, John (August 2, 2017). "DigiCert to Acquire Symantec's Website Security Business". DigiCert.
- O’Brien, Devon; Sleevi, Ryan; Whalley, Andrew (September 11, 2017). "Chrome's Plan to Distrust Symantec Certificates". Google Security Blog.
- Thayer, Wayne (July 30, 2018). "Update on the Distrust of Symantec TLS Certificates". Mozilla Security Blog. Retrieved August 15, 2018.
- "Firefox 64 for developers". MDN Web Docs. Retrieved December 11, 2018.
- "Information for website operators about distrusting Symantec certificate authorities". Apple Support. August 1, 2018.
- Lynch, Vincent (June 7, 2018). "Our Latest Symantec Distrust Guidance". DigiCert Blog.
- Valbrun, Marjorie (May 4, 2022). "Columbia Awarded $185 Million in Patent-Infringement Lawsuit". Inside Higher Ed. Retrieved May 7, 2022.
- Yasiejko, Christopher (May 2, 2022). "Norton Owes Columbia $185 Million Over Antivirus Patents". Bloomberg Law. Retrieved May 7, 2022.
- Brittain, Blake (May 2, 2022). "Jury says NortonLifeLock owes Columbia U. $185 million over cybersecurity patents". Reuters. Retrieved May 7, 2022.
- Official website
- Business data for Gen Digital Inc.: