Azul Intelligence Cloud provides actionable intelligence from production Java runtime data to efficiently prioritize vulnerable code for remediation and identify unused code for removal. It works with any JVM from any vendor or distribution including Azul, Oracle, Amazon, Microsoft, RedHat, and Temurin to slash time from unproductive tasks across an enterprise’s entire Java estate, resulting in a substantial improvement in DevOps productivity.
Catalogs Code in Production for Strongest, Most Accurate Signal. Code Inventory is the only solution that precisely catalogs what code runs in production across all of an enterprise’s Java workloads. It slashes the time and burden of maintaining and testing unused code, significantly improving developer productivity and ultimately saving money.
Provides a consolidated view of when code was first and last run – down to the class/package and method level – across an enterprise’s Java workloads. DevOps teams can leverage this information to understand what code runs in response to end user interactions and for identifying unused code for removal.
Collects and aggregates detailed information from the Java Virtual Machine (JVM) of what code actually runs in production over time. Provides highly accurate, strong signals to confidently identify and prioritize unused code for removal. Helps reduce clutter so teams can work only on active code, lowering maintenance effort and increasing development velocity.
Continuously Detects Known Vulnerabilities in Java Applications
Azul Vulnerability Detection detects vulnerable code that is actually used versus simply present, eliminating false positives for efficient vulnerability triage. By detecting vulnerabilities at point of use in production, it fills a critical gap at the endpoint of the software supply chain and augments legacy tools for more accurate results.
Monitors code executed by the Java runtime in production to collect data on what code runs versus is simply present. Uses sophisticated techniques to identify code and map to a Java-specific Common Vulnerabilities and Exposures (CVE) database to generate accurate results unattainable by other tools
Focuses scarce human effort where vulnerable code is or has been used versus simply present, to help reduce issue backlogs. Retains component and code use history, focusing forensic efforts to determine if vulnerable code was exploited prior to it being known as vulnerable.
When previously unknown vulnerabilities in Java applications are published, the Azul Vulnerability Detection CVE knowledge base is rapidly updated, so DevOps team can efficiently triage critical vulnerabilities in production during events like Log4J.
Whether you’re ready to switch to Azul or you have questions about how runtime intelligence can change your Java app game, we’re ready to help.