The VMware Security Response Center (VSRC) leads the analysis and remediation of software security issues in VMware products. VSRC works with customers and the security research community to achieve our goals of addressing these issues and providing customers with actionable security information in a timely manner.
VSRC receives reports directly, and monitors the ecosystem for discussion, of security issues in VMware products. After validating a report, VSRC works with VMware Research and Development to develop a solution and schedule releases that address the issue. Meanwhile, VSRC keeps the reporter informed on progress. Upon remediating the issue, VSRC releases a VMware Security Advisory.
For further details on the process and our commitment to customers, see the VMware Security Response Policy.
VSRC answers customer questions through VMware Global Support Services (GSS). Customers who have questions on known security issues may open a support request with GSS. In cases where GSS requires additional input, GSS relays the question to VSRC for further research. Customers who believe they have found a new security issue may directly report it to VSRC.