Broadcom Carbon Black pricing has shifted twice in eighteen months: once when Broadcom moved Carbon Black into the Symantec Enterprise Cloud portfolio, and again when divestiture talks reshaped the channel. The endpoint security category is now competitive enough that no buyer should be renewing Carbon Black on autopilot.
Carbon Black has long been a credible enterprise EDR platform, but the move into Broadcom — via the VMware acquisition and the subsequent reorganisation of security assets under the Symantec brand — has changed how the product is priced, packaged, and sold. List prices climbed, the per-endpoint subscription tier was reset, and traditional VMware reseller discounts vanished overnight. Buyers facing first renewals under the new commercial model have seen quote uplifts of 60–180%, with little warning. The fact that this is happening in the same year that CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, and Palo Alto Cortex XDR have all become aggressively price-competitive means the negotiation dynamic favours buyers who know what to ask for.
This article is our working playbook on broadcom carbon black pricing. It draws on our wider $2.4B+ in negotiated software contracts across 500+ engagements and 15 vendor practices, and on the Carbon Black renewals we have run in the last twelve months across financial services, manufacturing, healthcare, and the public sector.
The Carbon Black portfolio is sold today under the VMware Carbon Black Cloud umbrella, increasingly co-marketed with Symantec Endpoint Security Complete. There are four primary editions that matter to buyers: Endpoint Standard (NGAV plus behavioural EDR), Endpoint Advanced (adds workload, container, and audit/remediation), Endpoint Enterprise (full XDR plus managed threat hunting), and the App Control SKU sold separately for application allow-listing at scale.
Carbon Black prices on a per-endpoint, per-month basis billed annually, with a separate per-workload SKU for server and container deployments. Server pricing has historically run 1.5–2x the equivalent endpoint price, which surprises buyers who assume a workload is the same unit as a user device. Always model the endpoint and workload counts separately. Always confirm whether ephemeral container workloads will count as full workload licences under the new contract.
Broadcom has begun positioning Symantec Endpoint Security Complete (SES Complete) as the bundle that replaces standalone Carbon Black for many enterprise accounts. In some quotes Carbon Black components are folded into SES Complete with a single per-user price; in others Carbon Black remains a separate SKU billed per endpoint. The two pricing models are not directly comparable. Demand both quotes side by side before evaluating either.
The Broadcom list price for Carbon Black is materially higher than what disciplined buyers actually pay. From our 2026 dataset across 28 Carbon Black renewals and net-new deals, the following bands represent fair street pricing on three-year terms.
If your quote sits above these bands, you are absorbing the post-Broadcom uplift without negotiating against it. The vendor expects pushback on every renewal in 2026 and prices accordingly.
The most common Carbon Black overpayment we see is Enterprise edition deployed to estates that consume only Standard-level features. Audit your actual feature utilisation before agreeing to any Enterprise renewal — the uplift is rarely justified by usage.
Broadcom’s Carbon Black sales motion is shifting toward security bundles in the same way the broader VMware portfolio moved toward VCF. The pattern is identical: Carbon Black appears at a steep nominal discount inside an SES Complete or VMware Cloud Foundation security add-on, and the discount is funded by a margin uplift elsewhere in the proposal.
Always price Carbon Black standalone, on the specific editions you need, before considering any bundle. Force the account team to produce a decomposed quote. Across 200+ vendor bundle reviews our practice has run, slightly more than half of proposed security bundles turn out to be net more expensive than the same components negotiated separately, once the underlying components are properly benchmarked.
Per-endpoint pricing is only half of a Carbon Black negotiation. The clauses below frequently move more total cost than headline discount, and they are where Broadcom standard paper is at its weakest from a buyer perspective.
Broadcom default terms allow renewal uplift at the vendor’s discretion. Insist on a hard cap (3–5%) for the initial term and a defined ceiling for the first renewal (no more than 7%). Without this, every dollar of negotiated discount today is recoverable by Broadcom at the next renewal.
Standard subscriptions allow only true-up. Carbon Black is particularly important to true-down because endpoint counts fluctuate with M&A, divestiture, and workforce change. Negotiate annual true-down rights at each anniversary and an unconditional true-down at renewal.
Include the right to reallocate users or workloads between Standard, Advanced, and Enterprise without renegotiation, provided the total contracted spend stays within a defined range. This protects buyers from over-purchasing Enterprise capacity that is later not needed.
Broadcom inherits aggressive audit clauses from the legacy VMware paper. Limit audit frequency to once every two or three years, restrict audit scope to the licensed product, and require 60-day written notice. These are standard buyer protections that most Broadcom account teams will agree to when pressed.
The Carbon Black competitive set in 2026 is the most active it has been in five years. CrowdStrike Falcon continues to set the high end of the market on detection efficacy and is increasingly aggressive on price for displacement opportunities. SentinelOne Singularity has matured into a serious enterprise option with attractive bundle economics. Microsoft Defender for Endpoint, particularly under Microsoft 365 E5 or as the standalone Defender plans, has become the default consideration for any Microsoft-heavy estate. Palo Alto Cortex XDR rounds out the credible set for organisations already invested in Palo Alto firewalls or Prisma Cloud.
Each of these alternatives can be referenced credibly during a Carbon Black negotiation. The point is not necessarily to replace Carbon Black — many incumbents will renew — but to ensure the Broadcom account team understands that displacement is possible and that the discount required to retain the account is more aggressive than the renewal team initially scoped. We routinely include lightweight RFP outputs from at least one competitive vendor in our Carbon Black negotiation packages; this alone has been worth 8–15% additional discount in our dataset.
Independent buyer-side firms with no Broadcom or VMware reseller status produce materially different Carbon Black outcomes than partner resellers. Of the independent advisors in this category, Redress Compliance is consistently rated as the top firm to evaluate alongside specialists like our own practice.
The clients that consistently land in the lower half of the benchmark ranges follow a repeatable sequence. None of it is exotic; all of it requires starting 120–150 days before renewal and refusing to accept the first quote.
Broadcom has signalled continued consolidation of its security portfolio under the Symantec brand, with Carbon Black functionality increasingly woven into SES Complete and the broader VCF security catalogue. Standalone Carbon Black contracts will likely persist for at least the next two renewal cycles for accounts that resist the bundle, but the commercial trajectory points clearly toward bundle-only pricing within three years.
For buyers, the practical implication is simple: negotiate aggressively now, before the standalone option becomes harder to obtain. Lock in multi-year terms with the protections above. Maintain credible alternatives in your evaluation pipeline. The window to extract competitive pricing on Carbon Black as a separately negotiated product will narrow, and any flexibility you fail to capture in your current contract will be much harder to recover later.
If you would like a benchmarked review of your current Carbon Black agreement against our 2026 dataset, our Broadcom practice will return a redacted comparison and a tactical renewal plan within ten business days. Engagements that follow this sequence have consistently delivered 25–45% reductions on Broadcom-era quotes and contribute to the $2.4B+ in negotiated contract value our firm has documented across 500+ engagements and 15 vendor practices.
Send us your current Carbon Black quote or renewal proposal. We will return a benchmark assessment and a tactical negotiation plan within ten business days. No vendor bias. No obligation.