Nutanix Corporate Security Program

Our security program consists of a risk-based approach that includes administrative, technical and physical safeguards reasonably designed to protect the confidentiality, integrity and availability of Nutanix classified, customer, and partner data. Nutanix's information security program is aligned to the ISF Standard of Good Practice, ISO 27001/2, ISO 27017, ISO 27018, and includes key controls from SOC2.

The Corporate IT Governance, Risk & Compliance (GRC) team establishes policies, provides security governance, evaluates risk, and monitors compliance with the security program and policy.

The Corporate IT Security Engineering team establishes security requirements, implements security solutions, and designs maintenance processes and maintains security technologies consumed by the Information Security organization.

The Corporate IT Security Operations team performs security monitoring, responds to security event and incidents, manages security incidents throughout their lifecycle, and automates security operational processes whenever possible.

Security Certifications