Enterprise Software Blogs

CA Client Automation - Patch Management - Published Windows OS and Office Security Individual Patches for June, 2025

By Sreekanth Chejarla
On behalf of CA Technologies, a Broadcom Company, we are pleased to notify you that individual patches for June, 2026 is now available. The following Individual patches have been published: 2026-06 Office - msodll302016-kb5002852-fullfile-x86-glb 2026-06 Office - word2016-kb5002879-fullfile-x86-glb 2026-06 Office - excel2016-kb5002877-fullfile-x86-glb 2026-06 Office - mso2016-kb5002878-fullfile-x86-glb 2026-06 Office - excel2016-kb5002877-fullfile-x64-glb 2026-06 Office - word2016-kb5002879-fullfile-x64-glb 2026-06 Office - msodll302016-kb5002852-fullfile-x64-glb 2026-06 Office ...
0 comments

Unlocking Full-Stack Observability for the Private Cloud: Integrating VCF Operations with DX O2

By Ashish Aggarwal
With DX Operational Observability (DX O2) r 26.5.1 , we have extended VCF platform support which now seamlessly integrates VCF Operations (VCFOps) telemetry directly into DX O2. This integration blends full stack observability and advanced AIOps capabilities tailored for the modern private cloud. Bridging the Gap with the Open Data Connector (ODC) As organizations increasingly rely on VMware Cloud Foundation (VCF) to power enterprise private clouds, VCF Administrators, Site Reliability Engineers (SREs), and IT Operations teams are tasked with managing immensely complex infrastructures. These teams need a unified view with information and context ...
0 comments

Integrating Endevor CAST with SonarQube

By Chandru Rengarajan
Integrating Endevor CAST with SonarQube: Integrating a SonarQube code-quality gate into Endevor Package CAST actions offers a seamless and efficient way to enforce code quality standards for software managed by Endevor. This approach embeds scanning and validation directly into the existing pipeline, which streamlines the enforcement process. Endevor packages, which group inventory items for approvals and promotions through the pipeline, are subject to a CAST action to determine their suitability for execution. This CAST action includes a series of built-in validations on the package content. If any of these internal ...
0 comments

Introducing VMware vDefend Lateral Security Design Blueprints for VCF 9.1

By Michelle Plato
In the past, data center security mostly relied on perimeter protection—”building walls” to keep bad actors out. Today, safeguarding the data center’s “east-west” or lateral traffic traversing within applications and data is just as critical. Threat actors are leveraging “Frontier AI” security models to automate and accelerate attacks against private cloud workloads. To help enterprises achieve best-of-breed protection with significantly reduced complexity, we are excited to announce new VMware vDefend blueprints to speed up lateral security roll-out across VCF private cloud workloads and help organizations quickly buy down risk. The “Lateral Security for ...
0 comments

The Next Era of CloudHealth Reporting: Unveiling Our Newly Enhanced Reporting Experience

By TJ March
The Next Era of CloudHealth Reporting: Unveiling Our Newly Enhanced Reporting Experience About the Author: Cathal Cleary - Product Leader | CloudHealth, Governing Board | FinOps Foundation Today marks a big moment for the new CloudHealth experience. We are excited to announce significant enhancements to the core reporting capabilities of the platform. This new framework represents an explainable and predictable reporting model that simplifies the user experience. It is ready for the scale of data that the AI era is bringing. Here is everything you need to know about what is waiting for you in the new experience. Powerful New Reporting ...
0 comments

Fresh from the Labs: CloudHealth Product Updates May 2026

By TJ March
Fresh from the Labs: CloudHealth Product Updates May 2026 About the Author: Cathal Cleary - Product Leader | CloudHealth, Governing Board | FinOps Foundation Spring is in full swing, the days are getting longer, and here at the labs, our engineering teams have been burning some serious midnight oil. We are just days away from packing our bags for FinOpsX in San Diego, and the excitement is palpable. If you’re heading out there, please come find us on the expo floor on booth #E8! We’d love to hand you some fresh swag, walk you through a live demo, or just chat about how your cloud journey is going. We even have a cool way to win better swag. Grab a ...
0 comments

Trust Your Data, Trust Your Process: The Critical Role of Governance and Intelligent Flow

By Michelle Kerby
Summary Enterprise AI adoption often stalls because models ingest siloed data, which amplifies errors. ConnectALL by Broadcom eliminates these obstacles by providing intelligent orchestration, unified context, flow governance, and trusted enterprise automation. See how you can reduce operational risk, eliminate siloed data, and establish secure, scalable agentic AI workflows. Key Takeaways Equip models with unified context to ensure enterprise AI operates with full operational awareness and alignment. Establish secure, scalable agentic AI workflows using flow filters, logic gates, and real-time content augmentation. Create continuous ...
0 comments

Secure Your DX UIM Hubs and Robots!

By RowanCollis
Secure Your DX UIM Hubs and Robots! A Practical Guide to Protecting IT Management Traffic Data Rowan Collis Your servers, networks, applications, database –all things being monitored– generate enormous volumes of valuable data. We love this data and live by this data for AIOps and Observability. Although it’s ‘internal only’ data, your security and audit teams expect IT management traffic data to be ‘locked down’. To help ensure the security of this rich, granular data, DX Unified Infrastructure Management (DX UIM) provides a powerful approach to protect it. Left unprotected, bad actors could potentially access this data and use and attempt ...
0 comments

The New Frontier of Technology Value

By TJ March
The New Frontier of Technology Value How CloudHealth is addressing the changing landscape of FinOps AI has been a popular topic for a number of years, but this year, it's going to be the main topic that is on everyone’s mind. AI spending is rapidly accelerating, increasing at a pace far exceeding public cloud adoption in the early 2010s. AI expenditure is quickly catching up to cloud spending and is projected to surpass it, positioning this moment as potentially the biggest inflection point in FinOps since the practice was founded. However, the tried and trusted substrate of FinOps remains as relevant as ever. Create awareness and understanding of ...
0 comments

Configuring Your Bastion Host for DX O2 Deployment

By Jorg Mertin
Setting up a robust deployment environment doesn't have to be a headache. Today, we are breaking down the exact steps required to configure your bastion host for a successful DX O2 deployment. 💡 Pro-Tip: It is highly recommended to leave this bastion build for the very end of your environment setup. This makes it significantly easier to upgrade DX O2 later on down the line. Let's dive into the prerequisites and step-by-step implementation. Prerequisites For this guide, we are walking through the setup using a RedHat environment. If you are using a different operating system, the steps will remain largely similar—just adapt the package ...
0 comments

Fix Firewall Fatigue Sans a Second Stack

By Robert Marti
Fix Firewall Fatigue Sans a Second Stack The Simple Fix for ITMS Patch Downloads in Restricted Networks With the increased pace of network-borne cyber-threats, the importance of strict network controls is more important than ever. But for Symantec IT Management Suite (ITMS) administrators, those controls can make basic patch management surprisingly painful. A recurring challenge for customers is how to enable ITMS to download patch packages from software vendors (like Microsoft and Adobe) and metadata from Broadcom when the Notification Server is on a highly restricted or air-gapped network. A new knowledge base article provides the ...
0 comments

Important Update: Transitioning Bitnami Offerings on AWS

By Beltran Rueda Borrego
This blog summarizes some important changes to Bitnami content on Amazon Web Services. Effective June 10, 2026, Bitnami-packaged containers, Helm charts, and Amazon Machine Images (AMIs) will no longer be available through the AWS Marketplace, AWS Lightsail Blueprints, and Elastic Container Registry (ECR). Transition Timeline To ensure our community has time to prepare, we have established the following wind-down schedule: May 19th, 2026: Announcements from both AWS and Broadcom June 1, 2026: A 24-hour brownout will occur for the top 20 ECR container repositories to help users identify dependencies and raise awareness for those ...
0 comments

ESXi-Arm 9.1 Tech Preview Download Availability

By Michael Ling
By: Michael Ling Hi All, We’re happy to announce that the ESXi-Arm Fling is now officially available as a ESX 9.1 Tech Preview. Attached here is the Arm 9.1 Tech Preview Readme file. If you have the appropriate Broadcom VCF license entitlements and login access, you can access and download the Arm Tech Preview bits here: Broadcom Link Thank you to the community for your patience, and please continue sharing your feedback, as it helps us improve the experience. #Arm
0 comments

CA Client Automation - Patch Management - Published Patch Me OS Security Rollup and Office Security IntelliRollups for May, 2026(v2605.00)

By Sreekanth Chejarla
On behalf of CA Technologies, a Broadcom Company, we are pleased to notify you that rollups for May, 2026 are now available. The following rollups have been published: Rollups: CA - Patch Me - Security IntelliRollup v2605.00 CA - Office 32Bit - Security IntelliRollup v2605.00 CA - Office 64Bit - Security IntelliRollup v2605.00 These items will be available for acceptance in your Patch Manager GUI after the next successful run of the “Software Contents Download Job”. As of February 2026, Microsoft has fully discontinued Extended Security Updates (ESU) for Microsoft Windows Server 2008 and Microsoft Windows Server ...
0 comments

Critical NGINX RCE vulnerability CVE-2026-42945

By Beltran Rueda Borrego
A critical security issue, dubbed NGINX Rift and identified as CVE-2026-42945 , has been disclosed. This vulnerability affects both NGINX Open Source and NGINX Plus. We are publishing this post to provide immediate guidance and confirm the rapid release of patched images for all affected Bitnami customers. Understanding the Critical Flaw: NGINX Rift (CVE-2026-42945) The NGINX Rift vulnerability is a critical heap-based buffer overflow flaw discovered within the ngx_http_rewrite_module . This memory corruption issue has existed for 18 years and affects NGINX Open Source versions 0.6.27 through 1.30.0, as well as NGINX Plus R32 through R36. ...
0 comments

CA Client Automation - Patch Management - Published Windows OS and Office Security Individual Patches for May, 2026

By Sreekanth Chejarla
On behalf of CA Technologies, a Broadcom Company, we are pleased to notify you that individual patches for May, 2026 is now available. The following Individual patches have been published: 2026-05 Cumulative Update - Win10-kb5087537-x86-1607 2026-05 Cumulative Update - Win10-kb5087538-x86-1809 2026-05 Cumulative Update - Win10-kb5087544-x64-21H2-22H2 2026-05 Cumulative Update - Win10-kb5087544-x86-21H2-22H2 2026-05 Cumulative Update - Win10-Server2016-kb5087537-x64-1607 2026-05 Cumulative Update - Win10-Server2019-kb5087538-x64-1809 2026-05 Cumulative Update - Win11-kb5087420-x64-23H2 ...
0 comments

General Availability of Nolio Release Automation Patch 6.9.4

By Pavel Sestak
We’re excited to announce the release of Nolio 6.9.4 , bringing key enhancements, a better user experience, and critical fixes. Enhancements include: Expanded Platform Support: Certified for Windows Server 2025 (agents) and Red Hat Enterprise Linux (RHEL) 10 (all components). mTLS Security Update: Enhanced support for serverAuth-only certificates for secure NES ↔ Agent communication. Security Library Upgrades: Upgraded to Apache Tomcat 9.0.117 , Spring Framework 5.3.48 , and Log4J 2.25.4 . UI Overhaul: Significant rework of the Releases , Artifacts , Designer , and Administration ...
0 comments

VMware vDefend for VCF 9.1: Zero Trust Lateral Security for the AI Era

By Michelle Plato
New enhancements include Self-Service Lateral Security with VCF Automation, Unified Lateral Threat Prevention for VMs and VKS Workloads, High-Performance Threat Prevention with IDPS Turbo Mode, and Enhanced Distributed Firewall capabilities. The rapid adoption of production AI workloads is reshaping the enterprise technology landscape, driving the growth of Kubernetes environments alongside existing VM-based infrastructure. As organizations deploy AI agents and AI workloads across private cloud environments spanning VMs and Kubernetes, the attack surface becomes larger and more dynamic. The result is a rapidly evolving threat landscape, driving the need ...
0 comments

Critical Apache RCE Patched — Bitnami Ships Fixes in Under 24 Hours

By Carlos Rodriguez
A remotely exploitable memory corruption flaw in Apache HTTP Server's HTTP/2 stack was disclosed on May 4, 2026. The Bitnami catalog responded the same day, pushing a patched Apache container image within hours and completing downstream updates across five applications the following morning. The Vulnerability On May 4, 2026, the Apache Software Foundation released version 2.4.67 of the Apache HTTP Server, addressing CVE-2026-23918 — a critical double-free memory corruption bug rated HIGH . The flaw lives in Apache's HTTP/2 implementation. When a remote client sends an early reset on an HTTP/2 stream, it can trigger a double-free condition ...
0 comments

Virtual Patching: Guarding Against a Tsunami of AI-discovered Exploits with vDefend and Avi

By Michelle Plato
As the digital landscape enters the age of Artificial Intelligence, the traditional methods of securing applications are being fundamentally challenged. The emergence of advanced AI models has shifted the advantage towards attackers. With AI, even a novice attacker is now weaponized into a sophisticated hacker while operating semi-autonomously at very low cost, and unprecedented scale. Imagine the massive damage that ransomware gangs and/or nation-state actors could do with these cyber weapons. In recent times, ransomware attacks have led to business operations going offline for weeks and months, resulting in financial losses in hundreds of millions of dollars. ...
0 comments