Azul detects Java vulnerabilities in production apps
source link: https://www.infoworld.com/article/3678212/azul-detects-java-vulnerabilities-in-production-apps.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Azul detects Java vulnerabilities in production apps
Azul Vulnerability Detection promises to eliminate false positives without impacting performance, by drawing on monitoring and detection capabilities inside the Azul JVM.
Java services company Azul has unveiled Azul Vulnerability Detection, a SaaS product that leverages the Azul JVM to continuously monitor Java applications for security vulnerabilities.
Azul Vulnerability Detection, introduced November 2, is an agentless cloud service designed for production use. It addresses enterprise risk around software supply chain attacks and eliminates false positives while not impacting performance, Azul said.
Accessible from azul.com, Azul Vulnerability Detection identifies code running in the Azul JVM and maps it against a curated Java-specific database of common vulnerabilities and exposures (CVEs). A history of detections is retained so when new CVEs are disclosed, users can determine when and on what systems they have been running vulnerable software.
Azul Vulnerability Detection checks all Java software including frameworks such as Spring, Hibernate, Tomcat, Quarkus, and Micronaut, and including infrastructure such as Kafka, Cassandra, Elasticsearch, Spark, Hive, and Hadoop. By leveraging monitoring and detection built into Azul JVMs, it eliminates a performance penalty.
Azul Vulnerability Detection is part of the Azul Intelligence Cloud product family. The service works with any Azul JVM, including Azul Zulu Builds of OpenJDK, and is compatible with all Java applications, libraries, and frameworks.
Paul Krill is an editor at large at InfoWorld, whose coverage focuses on application development.
Copyright © 2022 IDG Communications, Inc.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK