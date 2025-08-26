LAS VEGAS, Aug. 26, 2025 (GLOBE NEWSWIRE) -- VMware Explore 2025—Today, Broadcom Inc. (NASDAQ: AVGO) announced VMware Cloud Foundation (VCF) Advanced Cyber Compliance and new innovations across VMware vDefend and VMware Avi Load Balancer to strengthen resilience, compliance and security for customers adopting a modern private cloud in regulated industries.

Cyber resilience and compliance are top of mind to C-Suite executives, board members and IT practitioners as most organizations today face complex challenges that put their data at risk. Research shows that 65% of attacks to large organizations resulted in data encryption, and 30% involved data exfiltration1. Compliance management also continues to be a significant hurdle as 71% of multinational enterprises struggle with cross-border regulatory adherence2. VMware Cloud Foundation is engineered to enable secure, compliant and resilient operations end-to-end.

“Cyber-attacks and failure to meet regulatory requirements carry significant human and financial consequences,” said Paul Turner, vice president of products, VMware Cloud Foundation Division at Broadcom. “A cyber-resilient private cloud based on VMware Cloud Foundation and Advanced Services provides a unified approach to infrastructure hardening, threat prevention, compliance, and cyber recovery that inherently eliminates the complexities and vulnerabilities of disparate point solutions. With our latest innovations, we’re taking the next step in simplifying cyber compliance and better protecting AI workloads.”

New Cyber Compliance Advanced Service for VMware Cloud Foundation

Many customers operating in highly-regulated environments require increased cyber-risk governance and automated compliance management at scale. Broadcom is announcing VCF Advanced Cyber Compliance, a new Advanced Service that combines industry-leading technologies to deliver enhanced cyber compliance, resiliency, and platform security for VCF environments. The offering is built around three key business outcomes:

Continuous Compliance Enforcement at Scale: VCF SaltStack capabilities, accessible directly from the VCF Operations console, will enable fully-automated monitoring and desired state remediation at scale to provide continuous compliance for VCF environments and eliminate visibility silos. Additionally, customers will gain access to managed and secure data engine images, with enterprise support and automated patching to strengthen compliance for critical databases.

VCF SaltStack capabilities, accessible directly from the VCF Operations console, will enable fully-automated monitoring and desired state remediation at scale to provide continuous compliance for VCF environments and eliminate visibility silos. Additionally, customers will gain access to managed and secure data engine images, with enterprise support and automated patching to strengthen compliance for critical databases. Automated Cyber and Data Recovery: the service will enable fully automated cyber and disaster recovery to isolated, on-premises VCF clean rooms. Integrated push-button VM network isolation will enable rapid recovery from ransomware and IT disruptions such as power outages, natural disasters, and hardware failures. Secure restore operations are powered by end-to-end cyber recovery workflows with integrated validation tools that identify and help clean both fileless and file-based strains of malware. VCF Advanced Cyber Compliance will also strengthen resilience for data engines with automated operational cloning, backup and restore

the service will enable fully automated cyber and disaster recovery to isolated, on-premises VCF clean rooms. Integrated push-button VM network isolation will enable rapid recovery from ransomware and IT disruptions such as power outages, natural disasters, and hardware failures. Secure restore operations are powered by end-to-end cyber recovery workflows with integrated validation tools that identify and help clean both fileless and file-based strains of malware. VCF Advanced Cyber Compliance will also strengthen resilience for data engines with automated operational cloning, backup and restore Enhanced Platform Security and Incident Response: the offering will enable customers to access secure-by-design container images with enterprise support, advanced secure computing to bolster protection at the core of the infrastructure and reduce the attack surface, and premium compliance and risk management with proactive assessments and early access to compliance updates.



VMware vDefend and VMware Cloud Foundation Protect the Modern Private Cloud

With VCF and VMware vDefend, advanced micro-segmentation, adherence to Zero Trust principles, and enhanced threat detection embedded directly into the compute, storage, and networking layers make security intrinsic for critical enterprise workloads. The vDefend Advanced Service for VCF helps customers achieve greater application and threat visibility, implement Zero Trust lateral security, and deploy a multi-layer defense against modern malware and ransomware attacks. The newest VMware vDefend innovations for the modern private cloud include:

Lateral Security for AI Workloads: vDefend is introducing a tech preview for Zero Trust lateral security specifically for agentic AI workloads running on VMware Cloud Foundation. This capability will address the new attack surface created by AI workloads by securing communication paths and access controls with a Zero Trust model.

vDefend is introducing a tech preview for Zero Trust lateral security specifically for agentic AI workloads running on VMware Cloud Foundation. This capability will address the new attack surface created by AI workloads by securing communication paths and access controls with a Zero Trust model. Accelerating Zero Trust Implementation: New automation-driven workflows will fast-track multi-stage segmentation for private cloud workloads, securing foundational services first, then progressively applying granular application-level protection. New Firewall Rule Analysis will optimize Distributed Firewall rules by identifying redundancies and misconfigurations, allowing lean and efficient security policies. Together, these features will streamline lateral security.

New automation-driven workflows will fast-track multi-stage segmentation for private cloud workloads, securing foundational services first, then progressively applying granular application-level protection. New Firewall Rule Analysis will optimize Distributed Firewall rules by identifying redundancies and misconfigurations, allowing lean and efficient security policies. Together, these features will streamline lateral security. Extended Threat Detection: A new Network Detection and Response (NDR) sensor will provide comprehensive, data center-wide threat visibility. It can be deployed into existing monitoring fabrics to collect traffic from all data center workloads and network devices. This enables the detection of enterprise-wide threat campaigns, enhancing overall security posture.

A new Network Detection and Response (NDR) sensor will provide comprehensive, data center-wide threat visibility. It can be deployed into existing monitoring fabrics to collect traffic from all data center workloads and network devices. This enables the detection of enterprise-wide threat campaigns, enhancing overall security posture. Fileless Malware Defense: vDefend will include advanced capabilities for fileless malware detection, directly targeting stealthy in-memory attacks that leverage PowerShell, VBScript, and Jscript. By integrating with the Antimalware Scan Interface (AMSI) for Windows workloads, vDefend inspects and intercepts malicious scripts before execution. This enhancement closes a major blind spot by providing in-memory detection and rich telemetry for forensic analysis.

Boosting Security for VMware Cloud Foundation with Avi Load Balancer

VMware Avi Load Balancer with VMware Cloud Foundation enables customers to deploy layered threat defense to help protect workloads against web-level attacks. The newest Avi Load Balancer innovations for VCF-based modern private clouds include:

Post-quantum Cryptography (PQC): PQC addresses the concern that quantum computing would break current encryption schemes and hence can compromise privacy and data confidentiality. Avi will support National Institute of Standards and Technology (NIST) specified PQC algorithms designed to ensure quantum resistant cryptography.

PQC addresses the concern that quantum computing would break current encryption schemes and hence can compromise privacy and data confidentiality. Avi will support National Institute of Standards and Technology (NIST) specified PQC algorithms designed to ensure quantum resistant cryptography. Mutual Authentication for TLS (mTLS): In vSphere Kubernetes Service environments, Avi’s mTLS capability will support cryptographic authentication for both client and server connections, further enhancing security for Kubernetes application traffic.

In vSphere Kubernetes Service environments, Avi’s mTLS capability will support cryptographic authentication for both client and server connections, further enhancing security for Kubernetes application traffic. WAF Assessment and Report: Avi will provide a built-in Web Application Firewall (WAF) assessment tool, enabling customers to quickly assess security posture for web-centric attacks and generate a report. This enables VCF administrators to enable Avi WAF protection progressively across VCF applications, starting with high-risk areas.

Avi will provide a built-in Web Application Firewall (WAF) assessment tool, enabling customers to quickly assess security posture for web-centric attacks and generate a report. This enables VCF administrators to enable Avi WAF protection progressively across VCF applications, starting with high-risk areas. MCP Traffic Security for Agentic AI Workloads: Model Context Protocol (MCP) is being increasingly adopted by AI developers for agentic AI applications. Avi is introducing a tech preview of securing MCP traffic with WAF while providing MCP session persistence and authorization to help reduce the new attack surface.

