VMware Explore 2025: Broadcom tackles agentic AI security challenges

At the VMware Explore conference today in Las Vegas, Broadcom announced new security enhancements for its VMware vDefend and VMware Avi products, which are part of the VMware Cloud Foundation Cyber Compliance Advanced Services. Upgrades include more security for agentic workflows, including model context protocol (MCP) servers, and support for post-quantum encryption, among other improvements.

“We are helping customers build their entire data services strategy and environments out, as well as their AI service,” Purnima Padmanabhan, general manager of the Tanzu Division at Broadcom, said at a press conference last week. “AI specifically has really created a jump on effect where most of my customers are now revaluating and looking at their application and data stacks specifically to capitalize on AI as well as incorporate AI both of those. And the transformation is pretty dramatic.”

VMware’s Tanzu platform allows enterprises to quickly develop and deploy applications, including both generative AI and agentic AI-based applications.

“We are adding a new security and vulnerability dashboard to make sure that you always have a view of compliance and more integrated observability,” she said. This means that enterprises can use the same security dashboard for both traditional and AI applications. “An AI app is just another app,” she said. “We give you everything you need to deliver agentic apps quickly, safely, and with governance.”

Other VMware products are also getting additional AI-related security features. (See also: At VMware Explore, customers are looking for VCF value)

Agentic AI platforms are the latest front in enterprise AI deployment, but security typically lags. Agentic AI has all the same security issues as traditional software and automation stacks, combined with the additional security issues posed by large language models, and exacerbated by the rise of agentic AI – autonomous or semi-autonomous AI-powered agents that can interact directly with enterprises data, tools, processes, and one another.

The latest challenge? Model context protocol, or MCP, servers, which allow AI agents to connect to data and tools via a natural-language interface.

“With VCF 9.0, we already enabled an AI agent builder service which helps enterprises to easily build AI agents,” said Prashanth Shenoy, vice president of product marketing for the VCF division at Broadcom, at last week’s press conference. “In the future, we will support MCP, the model context protocol, for providing enterprises with a secure method to integrate their AI assistant with external content, repo and tools like GitHub, SQL Server, Oracle ServiceNow, Postgres and many more, without them having to build and maintain custom connectors.”

The tech preview of some of this new functionality was officially announced today.

For example, customers of VMware’s Avi Load Balancer will be able to secure their MCP traffic with WAF, while also providing MCP session persistence and authorization to help reduce the new attack surface.

Both session persistence and authorization are challenges for enterprises trying to deploy MCP servers on their own, since the base protocol is still new and lacking in control features.

“MCP is the protocol of choice for agentic AI,” said Umesh Mahajan, general manager for application networking and security at Broadcom. Support for the protocol allows enterprises to participate in the broader MCP ecosystem, he said. “The world is moving to MCP,” he said.

VMware also announced a tech preview for zero-trust lateral security specifically for agentic AI workloads running on VMware Cloud Foundation. According to the company, this capability will address the new attack surface created by AI workloads by securing communication paths and access controls with a zero-trust model.

VMware also announced that it will now offer operational insights and troubleshooting powered by generative AI for both vDefend and Avi customers. The company says that this will help IT teams identify and resolve issues in complex environments more quickly.

Preparing for post-quantum cryptography

Moving on from AI to another emerging security threat, Avi Load Balancer will also support NIST-approved post-quantum cryptography encryption algorithms.

Quantum computing, once it arrives, is expected to allow threat actors to break today’s encryption standards. While estimates for this day vary, there’s something called a collect-now, decrypt-later attack, in which adversaries, such as nation states, vacuum up encrypted data and messages in order to decrypt them later.

In addition, switching over to quantum-safe encryption will take time, so most security experts recommend that enterprises start working today to make their encryption algorithm-agnostic, so that they can swap out unsafe algorithms for safe ones when necessary.

Other announcements

The biggest non-AI, non-quantum announcement today was that of a new VMware Cloud Foundation Cyber Compliance Advanced Service.

The goal is to strengthen resilience, compliance and security for enterprise customers in regulated industries, the company said. That includes integrated compliance operations at scale. For example, VCF SaltStack capabilities, accessible directly from the VCF Operations console, will provide real-time application and full-stack infrastructure monitoring and auto-remediation. This will eliminate visibility silos and help enable industry-specific regulatory compliance, the company said.

It will also allow for full, end-to-end automation of compliance operations, streamlining policy management and accelerating audit-readiness. “This is an advanced service that customers will purchase on top of VCF,” Shenoy said.

Editorial disclosure: Network World contributing writer Maria Korolov attended VMware Explore 2025 in person, and her travel costs were paid by Broadcom. The vendor-paid travel does not influence our editorial coverage.

Read more news from VMware Explore 2025:

• Broadcom’s VMware strategy pays off financially, but customers not as keen as Wall Street: To many attendees at this year’s VMware Explore conference, turnout felt smaller, there were fewer sessions than last year, and there were markedly fewer vendors on the exhibit floor. But while the mood among VMware Explore attendees was dour, Broadcom is seeing record gains.
• Broadcom touts AI-native VMware, but gains aren’t revolutionary: Broadcom’s VMware has taken on the AI mantle, declaring that the VMware Cloud Foundation platform is now “AI native.” In the big picture, however, Broadcom didn’t set the world ablaze with its announcements. They were all the obvious next steps for the company and do not move the needle forward on AI technology.
• Broadcom CEO urges cloud-to-on-prem repatriation: “Most of you continue to be weighed down by your infrastructure, and you’re afraid to move forward,” Broadcom CEO Hock Tan said in his conference keynote. “So how do you let go of your IT past so you can build for the future? Well, I can tell you for sure the answer is not to run straight to public cloud, as you did five, ten years ago. If you’re going to do cloud, do it right. Embrace VCF 9.0 and stay on prem.”
• How one midsize enterprise is making VCF work: Broadcom’s shift to all-in-one, perpetual licenses for VMware Cloud Foundation has infuriated customers and priced out some companies, but 750-employee Grinnell Mutual has managed to save money on the new platform.
• Broadcom tackles agentic AI security challenges: Broadcom announced new security enhancements for its VMware vDefend and VMware Avi products, which are part of the VMware Cloud Foundation Cyber Compliance Advanced Services. Upgrades include more security for agentic workflows, including model context protocol (MCP) servers, and support for post-quantum encryption, among other improvements.
• Broadcom and Canonical expand partnership, promising accelerated innovation: The combination of VMware Cloud Foundation and Ubuntu Pro offers enterprise-grade container-based and AI applications.
• Broadcom launches VMware Tanzu Data Intelligence and Tanzu Platform 10.3 to drive agentic AI:Broadcom is pushing its new data lakehouse platform as the answer to all an enterprise’s data challenges — or almost.
• As VMware Explore kicks off, customers are looking for VCF value: Despite grumbling by customers, as well as legal action against Broadcom on a number of fronts, there’s no indication that Broadcom CEO Hock Tan is wavering the least bit from his strategy. Broadcom’s pitch is that VMware Cloud Foundation (VCF) enables IT organizations to run a modern, virtualized, high-performance, highly automated, AWS-style cloud in an on-prem environment with all of the benefits that accrue.