Our entire business is built on trust. We have established robust security, data protection, and privacy programs to ensure you can trust Nutanix to keep your data safe. Our Trust framework is comprised of security, privacy, compliance and transparency capabilities that span seven domains.
Nutanix takes security very seriously, and we take immediate action to address serious security-related problems involving our products or services. Nutanix customers should contact support for inquiries or questions regarding industry published Critical Vulnerability Enumerations (CVEs), product exposure, and patching timelines. For more information on opening a case, see the Support Quick Reference Guide.
Responsible Disclosure Program
Nutanix values its relationship with security ecosystem partners and independent security researchers. Industry recognized security researchers should report any suspected security vulnerabilities in a Nutanix product or service to the Nutanix Responsible Disclosure Program: hackerone.com/nutanix.
Who responds to findings at hackerone.com/nutanix
Only members of the Nutanix Security Engineering team, which is comprised of a small subset of security professionals within Nutanix, will have access to material and correspondence sent to this location.
How to Contact Us with other Issues
Nutanix Security Engineering offers the option to send GPG-encrypted secure email messages. Email sent to firstname.lastname@example.org can be encrypted with the public key listed below. Any revocation of GPG keys for the email@example.com account will have an accompanying renovation notice posted on this page as well as information on the new keys.
9AA0DAB7: Nutanix Security Engineering and Research Team firstname.lastname@example.org
This key is used for secure communication with the Nutanix Security Engineering team, and may in the future be used to sign certain announcements or advisories as needed.
Fingerprint: 991B AB35 18CF 64E3 ABF5 6AF7 30C5 0EA4 9AA0 DAB7
We do not accept encrypted communications via any other address or support mechanism with the above key and will discard non-security related correspondence encrypted with the above key.
How we respond
Email correspondance sent to the email@example.com alias will be read and acknowledged by return message within 72 hours, not including US weekends or holidays. Product support inquiries including upcoming patch timelines and CVE inclusion in a future release must be obtained by way of an official Nutanix Support ticket via the methods described in the Support Quick Reference Guide.