Skip to main content

Azul Intelligence Cloud boosts DevOps efficiency with insights from production runtime data across entire Java estates

Azul, the only company 100% focused on Java, today announced that Azul Intelligence Cloud, Azul’s cloud analytics solution which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity, now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.

Businesses are under pressure to accelerate application innovation cycles and optimize their development resources, while simultaneously ensuring the security of their applications and customer data. Azul’s Intelligence Cloud consists of two services which address these challenges for Java applications running in production:

  • Azul Vulnerability Detection, to eliminate false positives by accurately identifying and prioritizing known security vulnerabilities; and
  • Code Inventory, to help identify unused and dead code by precisely detailing what custom and third-party code is actually run.

“We clearly see the benefit that Azul Intelligence Cloud delivers to our customers by helping their DevOps teams save an immense amount of time and increasing their productivity,” said Ed Tybursky, managing partner at Remend, an independent Oracle advisory firm. “The ability to efficiently triage vulnerable code and identify unused code for removal from telemetry across an entire Java estate, regardless of JDK distribution or vendor, is a crucial capability that enables DevOps teams to effectively focus their time and attention.”

“Enterprise IT teams need accurate, unified insights they can put into action to improve efficiency and control costs,” said Jevin Jensen, IDC research vice president, Intelligent CloudOps. “A solution that can reduce false positives found in most vulnerability scanning enables DevOps, SRE and CloudOps teams to focus on the actual Common Vulnerability and Exposures (CVEs) that are executed by production applications. By avoiding code paths that are never executed, teams can move faster and reduce remediation costs.”

Many organizations are seeking to modernize their applications for a cloud-native AI-powered world but legacy codebases can hold back this innovation and prevent DevOps teams from reaching their full potential. Often teams have added features but not retired old code, making maintenance more difficult and increasing the risk of unexpected behavior or exposure to vulnerabilities.

“We acquired another firm recently and aren’t familiar with their codebase. It contains millions of lines of code – reading and understanding that code would take months. With Code Inventory, we identified large portions of unused code, archived it and now spend our time working on the important parts. This has significantly sped up our development cycles,” said an Azul Intelligence Cloud user from a leading fintech trading firm.

For DevOps teams, dealing with Java application deployments that often comprise a heterogeneous mix of JVMs across different Java vendors, platforms and versions becomes increasingly complex. By supporting any JDK distribution including those from Azul, Oracle, Amazon, Eclipse, Microsoft, Red Hat and others, Azul Intelligence Cloud delivers key benefits across an enterprise’s entire Java fleet:

  • Eliminate Vulnerability False Positives: Uses information the JVM inherently has when running a Java application to identify vulnerable code that actually runs, generating accurate results unattainable by traditional application security tools. Enables DevOps to prioritize vulnerabilities based on actual risk, saving time while reducing security issue backlogs and improving production security posture.
  • Efficiently Triage New Vulnerabilities: Provides continuous detection for Java applications in production so DevOps teams can efficiently triage new critical vulnerabilities during events like Log4j. Saves DevOps time and minimizes disruption so teams can focus on other productive tasks. The Azul Vulnerability Detection Knowledge Base is rapidly and continuously updated with newly published Java-specific vulnerabilities.
  • Code Use Analysis and Unused Code Visibility: Gives an aggregate view of when code was run — down to the method level — across an enterprise’s Java workloads. Enables DevOps to understand what code is used in production and helps identify unused and dead code for removal (i.e. pinpoints unused classes and libraries). Doing so lowers code maintenance effort and increases developer productivity, freeing up resources for more important business initiatives.
  • Real-time and Historical Analysis, Accelerated by AI: Azul Intelligence Cloud retains component and code use history, allowing for focused forensic efforts to determine if vulnerable code was exploited prior to it being known as vulnerable. Azul’s security team uses AI to quickly identify Java-specific CVEs from the National Vulnerabilities Database (NVD) and rapidly update the Azul Vulnerability Detection Knowledge Base with newly published vulnerabilities.
  • No Performance Impact in Production: Azul Intelligence Cloud efficiently captures Java runtime data that exists within a JVM when running a Java application, resulting in no performance impact, something not possible using traditional security or profiling tools.

“Ever since the Log4J event, we have seen a dramatic rise in ‘false positives’ as a result of the various tools that organizations have employed to address Java application vulnerabilities,” said James Yang, vice president of sales at Cloud Creek, an Azul channel partner. “Currently we are on the phone with customers 3 to 4 times a week to prove that these are false positives – often we have up to 15 people on the phone from both the client side and our team spending anywhere from 30 minutes to an hour to address this. How is this productive? It’s almost like crying wolf. Azul’s Intelligence Cloud solution takes all this pain away, completely removing the false positives and allowing our customers to quickly and effectively remediate the vulnerabilities that matter.”

“Today’s businesses are under relentless pressure to innovate, accelerate time-to-market and fortify application security, all while grappling with resource constraints,” said Scott Sellers, co-founder and CEO of Azul. “Azul Intelligence Cloud is a game-changer. Using the information already inside JVMs running in production, Intelligence Cloud provides unprecedented precision and the intelligence needed to solve two significant DevOps challenges – alert fatigue from an intractable vulnerability false positive backlog and technical debt from maintaining unused code. We’re excited to extend these capabilities across all an enterprise’s Java application fleet, regardless of JDK vendor or distribution, to dramatically slash time from unproductive tasks and multiply DevOps productivity.”

The post Azul Intelligence Cloud boosts DevOps efficiency with insights from production runtime data across entire Java estates appeared first on SD Times.



from SD Times https://ift.tt/RDcHQFK

Comments

Popular posts from this blog

Difference between Web Designer and Web Developer Neeraj Mishra The Crazy Programmer

Have you ever wondered about the distinctions between web developers’ and web designers’ duties and obligations? You’re not alone! Many people have trouble distinguishing between these two. Although they collaborate to publish new websites on the internet, web developers and web designers play very different roles. To put these job possibilities into perspective, consider the construction of a house. To create a vision for the house, including the visual components, the space planning and layout, the materials, and the overall appearance and sense of the space, you need an architect. That said, to translate an idea into a building, you need construction professionals to take those architectural drawings and put them into practice. Image Source In a similar vein, web development and design work together to create websites. Let’s examine the major responsibilities and distinctions between web developers and web designers. Let’s get going, shall we? What Does a Web Designer Do?

A guide to data integration tools

CData Software is a leader in data access and connectivity solutions. It specializes in the development of data drivers and data access technologies for real-time access to online or on-premise applications, databases and web APIs. The company is focused on bringing data connectivity capabilities natively into tools organizations already use. It also features ETL/ELT solutions, enterprise connectors, and data visualization. Matillion ’s data transformation software empowers customers to extract data from a wide number of sources, load it into their chosen cloud data warehouse (CDW) and transform that data from its siloed source state, into analytics-ready insights – prepared for advanced analytics, machine learning, and artificial intelligence use cases. Only Matillion is purpose-built for Snowflake, Amazon Redshift, Google BigQuery, and Microsoft Azure, enabling businesses to achieve new levels of simplicity, speed, scale, and savings. Trusted by companies of all sizes to meet

2022: The year of hybrid work

Remote work was once considered a luxury to many, but in 2020, it became a necessity for a large portion of the workforce, as the scary and unknown COVID-19 virus sickened and even took the lives of so many people around the world.  Some workers were able to thrive in a remote setting, while others felt isolated and struggled to keep up a balance between their work and home lives. Last year saw the availability of life-saving vaccines, so companies were able to start having the conversation about what to do next. Should they keep everyone remote? Should they go back to working in the office full time? Or should they do something in between? Enter hybrid work, which offers a mix of the two. A Fall 2021 study conducted by Google revealed that over 75% of survey respondents expect hybrid work to become a standard practice within their organization within the next three years.  Thus, two years after the world abruptly shifted to widespread adoption of remote work, we are declaring 20