Pure Security

Last updated
Save as PDF

Here at Pure Storage, we are driven by storage and our passion for security. Learn more about how our security DNA gives you peace of mind over your data security program.


White Papers	Field Bulletins	CVE Database (login required)	Contact Us

Security Documentation

Our Security features are documented across various Product Documentation on our site. Here's a quick reference to our various Security sections.

FlashArray Security Documentation

FlashArray Certifications and Compliance
FlashArray Security Reference
- Pure Storage FlashArray Access Security TB-160202
- The FlashArray Data Security Model TB-160201

Additional Reference:

The Pure Storage Role in Malware Protection - TB-210402

FlashBlade Security Documentation

Customers should feel comfortable that their data is stored safely. Here is some documentation on FlashBlade Security.

All blades that are returned to Pure undergo a stress test which erases and overwrites the data in every block within the NAND. Any blade that does not pass the stress test (broken, too worn, etc) is destroyed. We also offer a non-return option. This is more expensive to the customer as Pure does not get the blade returned. The support process for determining broken parts is the same except the customer would be responsible for the destruction of the non-returned part.

Additional Reference:

Pure1 Security Documentation

Pure1 Security Reference
- Pure1 and GDPR Compliance - TB-210301
- Pure1 Security: Technical Report TB-160501

Enterprise Security Documentation

Security Advisories

"SpringShell" or "Spring4Shell"

WAF rules mitigated against exploitation regarding the "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965).

Apache Log4j / Log4Shell

A self-service, online, non-disruptive patch to address the Log4j vulnerability (CVE-2021-44228) is now available.