Symantec Endpoint Security Complete

Prevent breaches with modern endpoint security.

The most complete attack prevention, detection and response solution for defending traditional and mobile endpoints from being compromised using a single agent and console for simplified defense.

Download the Data Sheet Watch the Webinar

Prevent attacks early in the attack chain before a full breach occurs

Only Symantec delivers attack and breach prevention, response and remediation across the attack chain.

Symantec Endpoint Security provides your organization with ultimate security at the endpoint. It stops endpoint compromise with superior next gen protection technologies that span the attack chain. Innovative prevention and proactive attack surface reduction technologies provide the strongest defense against the hardest to detect threats that rely on stealthy malware, credential theft, fileless, and “living off the land” attack methods. Symantec also prevents full-blown breaches before exfiltration can occur. Sophisticated attack analytics, automated investigation playbooks, and industry first lateral movement and credential theft prevention provide precise attack detections and proactive threat hunting to contain the attacker and resolve persistent threats in real time.

Protections for All Phases of the Attack Lifecycle

Pre-Attack Surface Reduction

Proactive endpoint defense with pre-attack surface reduction capabilities based on advanced policy controls and technologies continuously scan for vulnerabilities and misconfigurations across applications, Active Directory, and devices. With attack surface reduction defenses in-place, many attacker tactics and techniques cannot be leveraged on your endpoint estate.

  • Vulnerability Remediation enhances your security posture by providing visibility and intelligence into vulnerabilities and their associated risk.


  • Breach Assessment continuously probes Active Directory for domain misconfigurations, vulnerabilities, and persistence using attack simulations to identify risks.
  • Device Control specifies block or allow policies on different types of devices that attach to client computers, such as USB, infrared, and FireWire devices.
  • App Isolation & App Control allows only known good applications to run, shields known-good applications to prevent attackers from exploiting application vulnerabilities, and isolates unknown apps.



Attack Prevention

Multilayer attack prevention immediately and effectively protects against file-based and fileless attack vectors and methods. Machine learning and artificial intelligence use advanced device and cloud-based detection schemes to identify evolving threats across device types, operating systems, and applications. Attacks are blocked in real-time to maintain endpoint integrity and avoid negative impacts.

  • Malware Prevention combines signature-based methods (file and website reputation analysis and antivirus scanning) and pre-execution detection and blocking of new and evolving threats (advanced machine learning, sandboxing to detect malware hidden in custom packers, and suspicious file behavioral monitoring and blocking).
  • Exploit Prevention blocks memory-based zero-day exploits of vulnerabilities in popular software.
  • Intensive Protection enables fine-grained tuning of the level of detection and blocking separately to optimize protection and gain enhanced visibility into suspicious files.
  • Network Connection Security identifies rogue Wi-Fi networks and utilizes hotspot reputation technology and delivers a policy-driven VPN to protect network connections and support compliance.
Breach Prevention
  • Intrusion prevention and firewall blocks known network and browser-based malware attacks using rules and policies and prevents command and control setup with automated domain IP address blacklisting.
  • Deception uses lures and baits – fake files, credentials, network shares, cache entries and endpoints - to expose, determine attacker intent and tactics, and delay attackers through early visibility.

  • Active Directory Security defends the primary attack surface for lateral movement and domain admin credential theft by controlling the attacker’s perception of an organization’s Active Directory resources - from the endpoint - using unlimited obfuscation (fake asset and credential creation). With obfuscation, the attacker gives themselves away while interacting with “fake assets” or attempting use of domain admin credentials on Active Directory’s perception.

  • Auto-managed policies, based on advanced AI and ML, uniquely combines indicators of compromise and historical anomalies to continuously adapt endpoint policy thresholds or rules and keep them up to date and aligned with the current risk profile of your organization.

Response and Remediation

Symantec combines endpoint detection and response (EDR) technologies and unmatched security operations center (SOC) analyst expertise, giving you the tools necessary to quickly close out endpoint incidents and minimize attack impacts.  Integrated EDR capabilities, in a single-agent architecture, precisely detect advanced attacks, provide real-time analytics, and enable you to actively hunt threats and pursue forensic investigations and remediation.

  • Targeted Attack Analytics provides precise detections from time tested Targeted Attack Analytics used by Symantec’s 3,000 researchers, based on global activity of the good and the bad, across all enterprises that comprise our telemetry set. Real-time incidents are generated—with a detailed analysis of the attacker, techniques, impacted machines, and remediation guidance.
  • Advanced Threat Hunting tools are provided in Symantec EDR including built-in playbooks that encapsulate the best practices of skilled threat hunters, anomaly detection, process memory analysis, risk-scored recording of endpoint activity, and continually updated endpoint behaviors that detect advanced attack techniques.
  • Integrated Response takes direct action on the endpoint to remediate – retrieving files, deleting files, isolating endpoints and blacklisting. Symantec EDR supports automatic submission of identified suspicious files to sandboxing for complete malware analysis including exposing malware that is VM-aware.
  • Expert SOC Investigator is a 24x7 forensics investigation and threat hunting service that employs Symantec SOC analysts to actively detect stealthy attacks and expertly examine suspicious activity. These analysts use Symantec Endpoint Detection and Response (EDR) coupled with machine learning analytics and Symantec Global Intelligence Network correlation.

Symantec Endpoint Security At-A-Glance

Different products to help you address your endpoint security needs. See what's included.

Feature Symantec Endpoint Security Enterprise Symantec Endpoint Security Complete
Security Need “Need attack prevention against sophisticated threats and attack vectors” “Need attack prevention, attack surface reduction, and post breach detection and remediation to fully expose and resolve the most advanced threats”
Traditional and Mobile Device Support:
Win, Mac, Linux, iOS, Android, Win 10 S mode
Deployment & Management Options:
On-Prem*, Hybrid, Cloud
Pre-Attack Surface Reduction:  
Breach Assessment  
Device Control
App Isolation & App Control  
Attack Prevention:
Malware Prevention
Exploit Prevention
Intensive Protection
Network Connection Security
Breach Prevention:  
Intrusion Prevention & Firewall
Active Directory Security  
Auto-managed Policies  
Post Breach Response & Remediation  
Targeted Attack Analytics  
Threat Hunting  
Auto Response  
Vulnerability Remediation**    
Expert SOC Investigator**    
DLP for Endpoint**    


Symantec is ranked as a leader in endpoint security by top tier industry analysts.

Test Results

SE Labs put Symantec Endpoint Security Complete to the test. And we thwarted every single targeted attack.

Industry Recognition

Symantec is named a Leader once again in 2019 Gartner Magic Quadrant for Endpoint Protection Platforms.
Learn More

Symantec Endpoint Protection Wins AV-Test's Best Protection award for the fourth consecutive year.
Learn More

Symantec named a Leader in The Forrester Wave™: Endpoint Security Suites, Q3 2019.
Learn More

Symantec Awarded Best Enterprise Endpoint Security by SE Labs
Learn More

Related Products

PURCHASING OPTIONS Upgrade Buy via Partner