Re: Third party code
This may be updated, but Pure's current standing is that "Purity Run allows customers to run applications provided by PureStorage on the FlashArray." Presumably these trusted applications do not include Spectre/Meltdown exploits.
"Pure is continuing to investigate the risk of any potential impact to FlashArrays using Purity Run. Purity Run allows customers to run applications provided by PureStorage on the FlashArray. Purity Run is a feature which can only be enabled with specific request from the customer to Pure Customer Support. Pure Customer Support will proactively reach out to every Pure customer using Purity Run. On FlashArrays with Purity Run enabled, the administrator should continue their usual practice of ensuring that only trusted code is executed in the Purity Run VM, and that access controls and patches are properly maintained."