Subscribe to GEN
Login to GEN
Mariana Vasquez, the CISO of a global fintech firm called Veridian Payments , had a problem that kept her awake at night. It wasn’t the firewall. It wasn’t the endpoint detection. Those were locked down. Her problem lived in the vast, ungoverned wilderness outside her perimeter: the open web, dark web forums, mobile app stores, and social media.
Mariana’s analyst, David, was assigned to operate the Symantec DRP console. Here is where the story gets nuanced.
Symantec’s advantage was its context . When David clicked on the dark web listing, the platform didn’t just show a screenshot. It cross-referenced the seller’s handle with historical threat actor profiles, linked it to prior attacks on banking sector, and even provided a confidence score (87% likely tied to the TA544 gang). This was not a simple scanner; it was a fusion of OSINT and Symantec’s proprietary threat research. Mariana Vasquez, the CISO of a global fintech
But she layered it with a separate, lightweight for social media and mobile app stores, because Symantec’s UI was too slow for her Tier-1 analysts to use daily. She also refused to pay for the automation add-on, instead building a custom Python script using Symantec’s API to feed malicious domains directly into her firewall.
In her closing board slide, she wrote: “Symantec DRP is a nuclear submarine: incredibly powerful, deeply capable, but expensive to crew and slow to turn. It will protect you from a sophisticated, patient adversary. It will not save you from a teenager with a meme account on a new social platform. Evaluate based on your risk profile: if you face nation-state or organized cybercrime, buy Symantec. If you just need to protect your brand from common fraud, buy a faster, smaller ship.” And with that, Veridian Payments achieved a new state of digital risk awareness—not perfect, but no longer blind. Those were locked down
Mariana’s story ends with a renewal—but a conditional one.
The user experience was enterprise-grade—meaning slow, clunky, and requiring dedicated training. In contrast, competitors like ZeroFox or RiskIQ (now Microsoft) offered a more fluid, modern UI. Mariana also discovered that —the ability to automatically block malicious domains via her DNS provider—required an expensive add-on integration. Out of the box, Symantec was exceptional at detection but mediocre at automated remediation . Here is where the story gets nuanced
However, Mariana quickly hit the well-known pain point of post-acquisition Symantec. The interface was powerful but dense . It had been built over a decade, with tabs for “Brand Protection,” “Threat Intelligence,” “Data Loss Prevention,” and “Web Isolation.” David complained: “It feels like flying a 747 when I just need a drone. To report a fake Instagram account, I have to navigate three different modules.”