Trust Center | Everpure (formerly Pure Storage)

Dismiss

Innovation

A platform built for AI

Unified, automated, and ready to turn data into intelligence.

Dismiss

June 16-18, Las Vegas

Pure//Accelerate® 2026

Discover how to unlock the true value of your data.

Dismiss

NVIDIA GTC San Jose 2026

Experience the Everpure difference at GTC

March 16-19 | Booth #935
San Jose McEnery Convention Center

Schedule a Meeting

Contact Us Personalize for Me

Trust Center

Explore how Everpure safeguards data with robust security controls, certifications, and proven compliance leadership.

Download the Trust Packet View Certifications

Product security resources

Security bulletins

Get the latest updates on security vulnerabilities and incidents, including detailed impact analysis and resolutions.

Stay Cyber Ready Stay Cyber Ready

CVE database

Access our centralized repository of product vulnerabilities (CVEs) with associated impact assessments and fixes.

Access CVE Details Access CVE Details

Vulnerability disclosure policy

Learn how to responsibly report potential security vulnerabilities and how our team manages and responds to disclosures.

Read Our Policy Read Our Policy

Report a security issue

Submit security vulnerabilities or incidents to the Everpure security team for prompt review and resolution.

Contact the Security Team Contact the Security Team

Certifications

We protect data, maintain compliance, and build customer trust with industry-leading, global security standards.

INDUSTRY-RECOGNIZED CERTIFICATIONS

ISO 27001 Certificate

ISO 27001 certifies our rigorous controls to protect customer data and ensure secure, reliable systems.

INDUSTRY-RECOGNIZED CERTIFICATIONS

SOC 2 Type II Report

SOC 2 verifies our strong internal controls to ensure the security, confidentiality, and availability of our platform.

*For Everpure employees, please reach out to Customer Trust

Request SOC 2 Type II Report

INDUSTRY-RECOGNIZED CERTIFICATIONS

FIPS 140-3 Certificate

Everpure aligns with NIST cybersecurity standards, meeting NIST FIPS 140-3 for data protection and compliance.

INDUSTRY-RECOGNIZED CERTIFICATIONS

Common Criteria //FA

NIAP Common Criteria certifies our products meet rigorous global security standards for government and defense assurance.

INDUSTRY-RECOGNIZED CERTIFICATIONS

Common Criteria //FB

Common Criteria certifies our products meet rigorous global security standards for government and defense assurance.

INDUSTRY-RECOGNIZED CERTIFICATIONS

VPAT Accessibility Conformance Report //FA

Our VPAT outlines how we meet accessibility standards, ensuring our technology is inclusive for all users.

INDUSTRY-RECOGNIZED CERTIFICATIONS

VPAT Accessibility Conformance Report //FB

Our VPAT outlines how we meet accessibility standards, ensuring our technology is inclusive for all users.

INDUSTRY-RECOGNIZED CERTIFICATIONS

ProcessUnity Global Risk Exchange Assessment Report

Visit our CyberGRX profile to reduce your supplier due-diligence burden.

Explore CyberGRX

Product support and security resources

Product support

Find answers to your technical questions and learn how to use our products.

Get Help Now

Product security

Explore product security resources, including the CVE database, security bulletins, certifications, and more. bulletins, and customer security support.

Learn More

Featured security resources and insights

PRESS RELEASE

Everpure Expands Cyber Resilience Innovations

Introducing new cyber-resilience capabilities that strengthen data protection, accelerate recovery, and help organizations defend against evolving threats.

BLOG

Are You Making Any of These Mistakes with Your Log Analytics?

Security log analytics is pretty much SecOps table stakes. Learn how to avoid common mistakes that can prevent you from leveraging this goldmine.

BLOG

Cyber-ready AI: Why Enterprise AI Security Can’t Stay in the Sandbox

Learn more about security-first storage and how it can scale with enterprise needs and evolving threats.

BLOG

5 Ways Enterprise Data Cloud Improves Cyber Resilience

Boost resilience with Everpure’s Enterprise Data Cloud—unified storage, automated protection, and cleanroom recovery.

BLOG

How Zombie Accounts Threaten Enterprise Security

Learn about “zombie” identities, or non-human identities (NHIs), and how you can manage them.

BLOG

Security Simplified: Actionable CVE Updates

Organizations must be able to rapidly understand, assess, and mitigate vulnerabilities. See how Everpure can help.

See All Resources

Security assurance

Connected detection

Stay ahead of threats with native detection, tightly integrated to SecOps, for automated remediation.

Learn More Learn More

Data availability with layered resilience

Safeguard data with SafeMode™ Snapshots, fast recovery, and redundancy for cyber resilience.

Learn More Learn More

Governance and continuous assurance

Explore how Everpure unites risk, compliance, and monitoring to meet global standards like ISO 27001, OMB M-22-18, and NIST SP 800-218A.

View Assurance Packet View Assurance Packet

Data and privacy protection

Learn how we protect privacy with data minimization, encryption, and GDPR/CCPA compliance

Read Our Privacy Notice Read Our Privacy Notice

Embedded security in the development lifecycle

Read how we build security into SSDLC (Secure Software Development Lifecycle) with secure coding, threat modeling, and continuous vulnerability testing.

Explore SSDLC Practices Explore SSDLC Practices

FAQs

Do you undergo regular third-party security audits or penetration testing?

The security team partners with reputable third-party security firms to perform specialized penetration tests across our infrastructure, products, and services, including Everpure FlashArray™, FlashBlade®, and cloud environments on an annual basis. Tests cover web applications, product features, code reviews, and threat modeling, thereby driving a robust security posture. Penetration test reports can be made available to customers upon request, subject to a mutual non-disclosure agreement (NDA).

How is access to customer data restricted and monitored?

Everpure does not process, store, or transmit customer data. Arrays are on-premise storage platforms that will remain under the customer's control. However we do receive system health and telemetry data which is stored in Pure1.

How do you encrypt data at rest and in transit?

All data is encrypted with AES 256-bit encryption. This encryption is done at the firmware level and is not hardware dependent. Our data encryption occurs without impact on performance and while maintaining full data reduction capabilities.

FlashArray and FlashBlade encryption are FIPS 140-3 certified, NIST compliant, NIAP/Common Criteria validated, and PCI-DSS compliant. The efficacy of our data encryption and data erasure have been validated by Kroll OnTrack, one of the industry’s leading security firms.

How do you detect, respond to, and communicate security incidents or breaches?

Everpure detects security incidents through continuous monitoring of all arrays, which report back to the Pure1® cloud-based monitoring system every 30 seconds with detailed telemetrics and every hour with a full activity log. This real-time data enables proactive identification and resolution of issues. The Incident Response Program promptly identifies, declares, and responds to security incidents, managed by our Security Operations team.

In the event of a confirmed security incident or data breach, Everpure notifies customers in writing no later than 72 hours after becoming aware of the incident, including incidents where data is accessed by or disclosed to an unauthorized party, and follows an established Incident Response Procedure as per contractual agreements.

Do you support Single Sign-On (SSO), MFA, or integration with identity providers (Okta, Azure AD, etc.)?

Yes. Everpure supports Single Sign-On (SSO) as the primary application portal, which requires multi-factor authentication (MFA). Multi-Factor Authentication is supported via RSA SecureID, and all applications published by Everpure IT require MFA. Pure1 provides SSO using SAML and can be integrated with the customer's Identity Provider. Purity OE supports SAML2-based SSO integration with Microsoft Active Directory Federation Services (AD FS), and SSO integration can optionally include MFA such as through a certificate or Microsoft Azure authentication. FlashArray supports SAML2.0, LDAP, and Active Directory integration for authentication and role-based access control. Administrative accounts can be integrated with Microsoft Active Directory or OpenLDAP, enabling granular administration and role assignment.

Committed to your protection

Join the Everpure community

The Everpure Community connects customers, partners, and experts to share knowledge, get support, and learn together.

Get Started

Contact us

Contact the Everpure Security team for questions, concerns, or reports related to security vulnerabilities, incidents, or disclosures.

Contact Support

SOC 2 Type II Request Form

* indicates a required field.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

{"items":[{"sourceType":"field","htmlId":"FirstName","label":"First Name:","valuesDropDown":[],"resourceName":"item"},{"sourceType":"field","htmlId":"LastName","label":"Last Name:","valuesDropDown":[],"resourceName":"item_832259886"},{"sourceType":"field","htmlId":"Email","label":"Work Email:","valuesDropDown":[],"resourceName":"item_1226277466"},{"sourceType":"field","htmlId":"Phone","label":"Phone Number:","valuesDropDown":[],"resourceName":"item_1083607498"},{"sourceType":"field","htmlId":"Company","label":"Company Name:","valuesDropDown":[],"resourceName":"item_407296633"},{"sourceType":"field","htmlId":"Title","label":"Job Title:","valuesDropDown":[],"resourceName":"item_1536030190"},{"sourceType":"field","htmlId":"Country","label":"Country:","valuesDropDown":[],"resourceName":"item_1919726167"},{"sourceType":"field","htmlId":"sessiontime","label":"Choose your preferred time:","valuesDropDown":[],"resourceName":"item_1328836745"},{"sourceType":"field","htmlId":"Description_Other__c","placeholderText":"What would you like to talk to us about?","label":"What would you like to talk to us about?","valuesDropDown":[],"resourceName":"item_107231206"},{"sourceType":"values","htmlId":"Description_Other__c","valuesDropDown":[{"key":"Choose one","text":"Choose one"},{"key":"VMware and Virtualization","text":"VMware and Virtualization"},{"key":"Cloud or Hybrid Cloud Solutions","text":"Cloud or Hybrid Cloud Solutions"},{"key":"AI and Analytics","text":"AI and Analytics"},{"key":"Data Protection and Cyber Resilience","text":"Data Protection and Cyber Resilience"},{"key":"Databases and Business Applications","text":"Databases and Business Applications"},{"key":"All Other Sales Inquiries","text":"All Other Sales Inquiries"}],"resourceName":"item_1853297185"},{"sourceType":"field","htmlId":"Question","placeholderText":"How can we help?","label":"How can we help?","valuesDropDown":[],"resourceName":"item_2107803381"},{"sourceType":"checkbox","htmlId":"Explicit_Opt_in__c","description":"\u003cp\u003eBy checking this box, I authorise Pure Storage, Inc. and its affiliates (\u0026quot;Pure\u0026quot;) and its authorised partners to use my personal data in order to receive information and updates regarding Pure products, services, surveys and events.\u003c/p\u003e\r\n\u003cp\u003eThe information you provide us will be used in accordance with the terms of the Pure Storage\u0026nbsp;\u003ca href\u003d\"/content/purestorage-com/privacy.html\" target\u003d\"_self\"\u003ePrivacy Policy\u003c/a\u003e\u003c/p\u003e\r\n","valuesDropDown":[],"resourceName":"item_713216797"},{"sourceType":"ccpa","htmlId":"ccpa_notice","description":"\u003cp\u003ePure Storage uses the personal data you submit (including name, phone, email, company, job title, location in the form) to provide you with relevant information and help process any orders you may place through Pure or our partners. By clicking submit you agree to sharing of this personal data with Pure Storage and our partners and related third parties.\u003cbr\u003e\r\n\u003cbr\u003e\r\nYou have the right to request deletion of your personal data, and the right to opt-out of sale of your personal data.\u0026nbsp;\u003ca href\u003d\"/content/purestorage-com/privacy.html#ccpa\" target\u003d\"_self\"\u003ePrivacy Notice\u003c/a\u003e\u003cbr\u003e\r\n\u003c/p\u003e\r\n\u003cp\u003eThis site is protected by reCAPTCHA and the Google\u0026nbsp;\u003ca href\u003d\"https://policies.google.com/privacy\" target\u003d\"_blank\"\u003ePrivacy Policy\u003c/a\u003e\u0026nbsp;and\u0026nbsp;\u003ca href\u003d\"https://policies.google.com/terms\" target\u003d\"_blank\"\u003eTerms of Service\u003c/a\u003e\u0026nbsp;apply.\u003c/p\u003e\r\n","valuesDropDown":[],"resourceName":"item_547565321"}]}

Your Browser Is No Longer Supported!

Older browsers often represent security risks. In order to deliver the best possible experience when using our site, please update to any of these latest browsers.