The logging and monitoring framework for VMware Cloud services enables VMware to identify the incidents of specific customers. The VMware Security Operations Center uses a SIEM system and merges data sources for a detailed analysis and alerting.

VMware has a formal incident response group to cater to incident-response activities. Forensic data is made available for third-party forensic analyses, if required by law. VMware assesses the information security risk impact based on the internal mechanisms to quantify the types, volumes, and impacts on all information security incidents. VMware considers these policies and procedures as confidential and does not share specific details with customers. However, information pertaining to security breaches are shared with affected customers to support the contractual and legal obligations.

VMware notifies the customers through electronic methods, whenever feasible, for example, through portals. For more information, refer to the VMware Data Processing Addendum.