Our security program consists of a risk-based approach that includes administrative, technical and physical safeguards reasonably designed to protect the confidentiality, integrity and availability of Nutanix classified, customer, and partner data. Nutanix's information security program is aligned to the ISF Standard of Good Practice, ISO 27001/2, ISO 27017, ISO 27018, and includes key controls from SOC2.

The Corporate IT Governance, Risk & Compliance (GRC) team establishes policies, provides security governance, evaluates risk, and monitors compliance with the security program and policy.

The Corporate IT Security Engineering team establishes security requirements, implements security solutions, and designs maintenance processes and maintains security technologies consumed by the Information Security organization.

The Corporate IT Security Operations team performs security monitoring, responds to security event and incidents, manages security incidents throughout their lifecycle, and automates security operational processes whenever possible.


Learn more about Nutanix capabilities, industry best practices, and techniques to incorporate into your cybersecurity defense strategies for preventing and recovering from ransomware when using a private cloud built on Nutanix.

Nutanix Vulnerability Disclosure Program

At Nutanix, we take the security, integrity and privacy of our products seriously. We are committed to supporting the valuable work that researchers and partners provide to help improve the security of our products and our environments.If you think that you may have found a security vulnerability that affects Nutanix or our customers, we encourage you to learn about our Vulnerability Disclosure Program and submit your findings at

How to contact Nutanix about other security related issues

Please send a GPG encrypted email using the public key below to the Nutanix Security Engineering team at All non-security related correspondence (using the GPG key below?) will be discarded. If any of the encryption keys used for happen to be revoked, there will be a revocation notice along with relevant information about the new keys on this page.

Download: 9AA0DAB7
Fingerprint: 991B AB35 18CF 64E3 ABF5 6AF7 30C5 0EA4 9AA0 DAB7