News Releases4 min read

Industry Support for the VMware Compliance Reference Architecture

Read the Press Release:

VMware Simplifies Compliance for Business-Critical Applications in the Cloud


“As a leading qualified security assessor (QSA) with full lifecycle compliance services and security solutions integration, we believe that VMware’s approach and efforts are extremely important to the industry.  By taking the compliance and PCI challenge head on with an open, partner-oriented approach, VMware is creating a common ground for all players to come together to demystify and simplify the foundations of PCI. As a result, organizations are better able to solve problems and reduce the risks, costs and complexities of achieving compliance. Accuvant strongly supports and is committed to the VMware compliance strategy and program.”
–Steve Perkins, director, Secure Virtualization, Accuvant

“Catbird has helped many of VMware’s regulated customers achieve PCI compliance via our multi-award winning security and compliance automation suite. This joint Catbird-VMware Solution Guide for PCI gives clear guidance to auditors and IT management on the 48 Priority 1 and 2 technical controls enforced by Catbird, helping to accelerate deployment of payment systems to VMware vSphere®.”
--Tamar Newberger, vice president, Marketing, Catbird

“The VMware Solution Guide for PCI is an example of VMware leveraging Coalfire’s industry leadership, which enables customers to address their PCI DSS requirements to gain maximum business benefit from VMware virtualization and cloud infrastructure solutions.  Furthermore, the VMware Compliance Reference Architectures demonstrate our ability to provide much-needed subject matter expertise, advisory and IT GRC services in complex and highly regulated industries such as healthcare, government, financial services, utilities and the payment card industry.”
 --Tom McAndrew, executive vice president, Professional Services, Coalfire

"Enterprises are looking for effective solutions that provide comprehensive security for virtualized environments while ensuring compliance with key industry and government regulations. As a certified Qualified Security Assessor (QSA) and an experienced IT infrastructure integrator, Forsythe has the perspective and expertise to help enterprises design the right security infrastructure for their virtual and physical environments. The VMware Solution Guide for PCI provides guidance in how enterprises can virtualize business critical applications and meet compliance requirements.”
--Joe Rueda, vice president, Systems Computing Solutions, Forsythe Technology

“In order to meet demanding regulatory requirements customers are looking to accelerate implementing security for their virtualization and cloud deployments. The HP and VMware Solution Guide for PCI illustrates our ability to work jointly with VMware cloud infrastructure in an audit-approved method to address more than half of the requirements for securing highly regulated workloads like PCI.”
--Sanjay Raja, director, Product Marketing, Network and Virtualization Security, Enterprise Security, HP

"Many VMware customers turn to HyTrust to achieve PCI compliance and pass audits for virtualized workloads. We welcome VMware's Compliance Reference Architectures, which will further encourage customers to virtualize regulated workloads and accelerate private cloud adoption." 
–Eric Chiu, founder and president, HyTrust, Inc.

"As a trusted advisor on some of the most complex and dynamic Fortune 500 compliance programs, IOActive applauds VMware's achievement on this common compliance baseline, which will empower companies to overcome many fundamental issues along their path to compliance. As pioneers in the cloud compliance space, IOActive is thrilled to lend our expertise to this framework. Our highly specialized security services share a common goal with VMware's new approach that strives to enable enterprises to be more than compliant - to be secure as well."
--Jennifer Steffens, chief executive officer, IOActive

“VMware Compliance Reference Architectures show VMware's commitment to customers moving business-critical applications to VMware vSphere®. Products that extend VMware cloud infrastructure are essential ingredients for enabling customers to address PCI regulatory requirements and reduce risk with VMware virtualization and cloud infrastructure products.”
-Richard Haag, senior vice president, K3DES

“LogRhythm’s SIEM 2.0 with integrated file integrity monitoring complements and extends VMware’s native capabilities to help customers assure regulatory compliance when moving business-critical applications to VMware vSphere®. The VMware Solution Guide for PCI, including the LogRhythm qualified security assessor-reviewed addendum, provides a clear and validated roadmap for achieving PCI compliance in virtual environments.”
--Matt Winter, vice president of corporate and business development, LogRhythm

“McAfee understands the complexities customers face in meeting demanding regulatory requirements and welcomes the opportunity to support the new VMware Compliance Reference Architectures. McAfee's server, network and endpoint security solutions are leveraging VMware vShield™ APIs and are optimized for VMware environments. The new PCI solution guide gives customers clear guidance on compliance in the virtualized environment to help further accelerate cloud adoption for business-critical applications."
--Rishi Bhargava, senior director, Product Management, McAfee

“RSA has a comprehensive security management and compliance suite, including RSA Archer®, RSA® Data Loss Prevention, RSA enVision® and RSA NetWitness® technology.  These products are integrated together to help better protect credit card data and address PCI compliance requirements in virtual environments. RSA continues to partner with VMware to help customers migrate to virtual and private cloud environments securely.”
–Carol Clark, senior director, Security Management and Compliance, RSA, The Security Division of EMC

“The VMware Compliance Reference Architectures deliver a collaborative multi-vendor effort to help customers move business-critical applications to VMware vSphere®.  This solutions guide for PCI illustrates an ability to address cost and complexity concerns of customers that are expanding their PCI audit scope to include virtual environments.”
–Kurt Van Etten, director, Product Management, Symantec Enterprise Security Group

Trend Micro
"Over the years, the PCI data security standards have helped raise enterprise security postures by delivering prescriptive, actionable requirements for IT security teams. Trend Micro strongly endorses the PCI data security standards and we have worked diligently to ensure our products enable our customers to simplify their compliance processes. VMware's leadership in the establishment of the VMware Compliance Reference Architectures, in partnership with Trend Micro's advanced virtualization security capabilities, delivers further clarity for enterprises wishing to expand audit-compliant operations to VMware virtualized environments."
--Partha Panda, vice president, Business Development, Trend Micro



# # #