Azul, the exclusive enterprise dedicated to Java, has recently unveiled the latest enhancement to their cloud analytics solution, Azul Intelligence Cloud. This cutting-edge platform offers valuable insights derived from real-time Java runtime data, enabling developers to significantly enhance their efficiency. The remarkable aspect of this update is that it now supports not only Oracle JDK but also any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
In today’s fast-paced business landscape, organizations face immense pressure to expedite application innovation cycles and optimize their development resources. Simultaneously, they must prioritize the security of their applications and safeguard customer data. Recognizing these challenges, Azul’s Intelligence Cloud comprises two services that effectively address these concerns for Java applications operating in production.
- Azul Vulnerability Detection, to eliminate false positives by accurately identifying and prioritizing known security vulnerabilities; and
- Code Inventory, to help identify unused and dead code by precisely detailing what custom and third-party code is actually run.
“We clearly see the benefit that Azul Intelligence Cloud delivers to our customers by helping their DevOps teams save an immense amount of time and increasing their productivity,” said Ed Tybursky, managing partner at Remend, an independent Oracle advisory firm. “The ability to efficiently triage vulnerable code and identify unused code for removal from telemetry across an entire Java estate, regardless of JDK distribution or vendor, is a crucial capability that enables DevOps teams to effectively focus their time and attention.”
Numerous organizations are looking to update their applications for a cloud-native AI-driven environment, however, outdated codebases may impede this progress and hinder DevOps teams from achieving optimal performance. Oftentimes, teams introduce new features without removing old code, leading to heightened maintenance challenges and a greater likelihood of encountering unexpected issues or security risks.
For DevOps teams, dealing with Java application deployments that often comprise a heterogeneous mix of JVMs across different Java vendors, platforms and versions becomes increasingly complex. By supporting any JDK distribution including those from Azul, Oracle, Amazon, Eclipse, Microsoft, Red Hat and others, Azul Intelligence Cloud delivers key benefits across an enterprise’s entire Java fleet:
- Eliminate Vulnerability False Positives: Uses information the JVM inherently has when running a Java application to identify vulnerable code that actually runs, generating accurate results unattainable by traditional application security tools. Enables DevOps to prioritize vulnerabilities based on actual risk, saving time while reducing security issue backlogs and improving production security posture.
- Efficiently Triage New Vulnerabilities: Provides continuous detection for Java applications in production so DevOps teams can efficiently triage new critical vulnerabilities during events like Log4j. Saves DevOps time and minimizes disruption so teams can focus on other productive tasks. The Azul Vulnerability Detection Knowledge Base is rapidly and continuously updated with newly published Java-specific vulnerabilities.
- Code Use Analysis and Unused Code Visibility: Gives an aggregate view of when code was run — down to the method level — across an enterprise’s Java workloads. Enables DevOps to understand what code is used in production and helps identify unused and dead code for removal (i.e. pinpoints unused classes and libraries). Doing so lowers code maintenance effort and increases developer productivity, freeing up resources for more important business initiatives.
- Real-time and Historical Analysis, Accelerated by AI: Azul Intelligence Cloud retains component and code use history, allowing for focused forensic efforts to determine if vulnerable code was exploited prior to it being known as vulnerable. Azul’s security team uses AI to quickly identify Java-specific CVEs from the National Vulnerabilities Database (NVD) and rapidly update the Azul Vulnerability Detection Knowledge Base with newly published vulnerabilities.
- No Performance Impact in Production: Azul Intelligence Cloud efficiently captures Java runtime data that exists within a JVM when running a Java application, resulting in no performance impact, something not possible using traditional security or profiling tools.
