Azul launches JVM Inventory to accelerate Oracle Java migration

Azul has introduced JVM Inventory, a new feature of its Intelligence Cloud platform designed to address the challenges and risks associated with migrating from Oracle Java.
JVM Inventory, when combined with Azul's Migration Toolkit (AMT) or other software asset management (SAM) discovery tools, allows Azul's Migration Advisory experts and channel partners to gain detailed, runtime-level visibility across Java deployments. This new solution aims to accelerate the process of classifying, migrating, and tracking Oracle Java instances by delivering actionable information that cannot be obtained through SAM tools alone.
Azul highlights findings from its 2025 State of Java Survey & Report, which reveals that 82% of respondents are concerned about Oracle's Java SE pricing and licensing policy, with 88% considering a move to OpenJDK alternatives. Rising per-employee subscription pricing reportedly increases the total cost of ownership by two to five times for many organisations, prompting enterprises to evaluate alternatives and accelerate migrations.
Customer data from Azul suggests that, on average, an Oracle Java migration takes between six and nine months without automated assistance. This duration is largely a result of the fragmented and manual nature of discovering and classifying Java Virtual Machines (JVMs) using traditional asset management tools. These tools often do not account for runtime context, making it challenging to determine which Oracle JVMs are actively being used, which ones are bundled under a permitted licence, or which are installed but idle. Such gaps can result in unnecessary licensing expenses and increased non-compliance risk.
Azul's Migration Advisory experts and channel partners leverage the JVM Inventory and the Migration Toolkit to provide a complete view of an organisation's Oracle Java footprint. The data is gathered directly from the JVM, including information relating to vendor, version, installation path, and the specific applications utilising the JVM. This runtime insight allows advisory teams to validate and enrich reporting, identify active Oracle Java instances even in complex environments such as containers, and pinpoint unused installations for removal.
With this detailed visibility, organisations can identify Oracle Java usage that is subject to commercial licensing terms and focus migration efforts on those areas. The approach is intended to enable enterprises to accelerate their move to alternatives like Azul Platform Core while more effectively reducing audit risk and licensing costs.
Addressing the complexity faced by larger organisations, the tool is capable of mapping estates containing tens of thousands of Oracle JVMs. By focusing only on those instances actively in use, migration teams can streamline their projects and inform application owners about upcoming changes. Azul states that this can significantly reduce the time required for enterprise-wide migrations, potentially cutting weeks or months from the standard project timeline.
As migrations progress, JVM Inventory also manages and tracks the usage history of JVMs to support trend analysis and ongoing compliance monitoring. This reduces the need for repeated manual scanning and spreadsheet-based reporting often required by SAM processes.
The product is also designed to maintain compliance post-migration. Through continuous runtime detection, it can identify and flag instances where Oracle Java is reintroduced into environments, empowering organisations to quickly take corrective action and automate compliance processes, including alerting and removal or replacement of unauthorised Oracle JVMs.
Evan Boyd, Vice President, Global Operations at Software Licensing Compliance, commented: "Azul's new JVM Inventory is a game-changer for partners, either discovering active Java licensing for ITAM advisories or accelerating Oracle Java migrations. It gives our team and our customers the clarity and runtime intelligence we need to quickly identify where Oracle Java is actually in use, dramatically shortening what used to be a long and painful discovery exercise, and instead now leads to quicker actionable insights. For partners like us, JVM Inventory allows us to deliver faster, higher-value advisories, JDK migrations and better ongoing compliance services that reduce risk for our clients. Azul is giving us the tools we need to help enterprises get Oracle Java out — and keep it out — with confidence."
Key features of the solution include discovery and inventory of Oracle Java instances, accurate classification and prioritisation for replacement or removal, continuous tracking throughout the migration process, and ongoing compliance monitoring to detect reintroduction of Oracle Java instances. Azul states that pairing JVM Inventory with the Migration Toolkit yields the most comprehensive Oracle Java discovery, helps reduce migration risks through accurate classification, accelerates identification of application stakeholders, and supports compliance and audit defence efforts.
Scott Sellers, CEO and Co-founder of Azul, said: "Azul has always been committed to solving the hardest Java challenges for our customers, and JVM Inventory paired with the Azul Migration Toolkit is a perfect example of that innovation in action. By giving enterprises unprecedented visibility into their Java environments with actionable intelligence from runtime data, we're not only simplifying Oracle Java migrations, we're also helping organizations take control of their Java subscription costs, reduce audit risk and ensure long-term compliance. It's a powerful step forward for companies looking to future-proof their Java strategy."
JVM Inventory functions alongside Azul Platform Core to detect and eliminate Oracle Java, maintaining compliance and supporting ongoing migration efforts. The feature is available as part of Azul Intelligence Cloud and is licensed with a base charge and according to the average number of JVMs monitored monthly.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Techday NZ

3 days ago

• Techday NZ

Azul & Chainguard partner on zero-CVE Java containers

Azul and Chainguard have announced a partnership focused on strengthening container security for Java workloads through combined commercial Java support and secure container images. The collaboration will see Chainguard create Java container images built from source, incorporating Azul's commercially supported build of OpenJDK from the Azul Platform Core. This approach is designed to allow enterprises to deliver production workloads more efficiently while addressing the complexities of securing the full software stack for Java applications. Complexity in Java security Java remains integral to a wide range of enterprise applications, with growing challenges around ensuring timely access to secure builds. Securing Java workloads requires reliable updates and consistent patching, traditionally necessitating expertise and timely intervention by vendors. Azul aims to fulfil this role by delivering fully supported OpenJDK builds intended as a direct replacement for Oracle Java, enabling organisations to maintain compliance and security while reducing expenditure and freeing development teams from remediation tasks. Chainguard Containers supports customers by securing operating systems and application runtime environments. The combination targets gaps in current protection practices that too often see engineering and security teams handle numerous vulnerability disclosures, deal with inconsistent patching, and attempt to harden containers without slowing developer productivity. For Java workloads, which require both rapid security response and commercial support, these difficulties are particularly pressing. Recent research from NetRise indicates that the average container carries 604 known vulnerabilities in underlying software components. Notably, over 45% of these CVEs are two to ten years old. This accumulation of unaddressed vulnerabilities increases risks for organisations that depend on containerised apps. Findings from Azul's 2025 State of Java Survey & Report further highlight the impact of security issues. According to the report, 33% of respondents stated their DevOps teams spend more than half their time addressing false positives from Java-related vulnerabilities. Additionally, 49% of surveyed companies reported they are still encountering vulnerabilities from Log4j in production environments, nearly three years after the initial disclosure. The need to secure all layers, from operating systems to toolchains, forms a critical part of the software development lifecycle. Hardened, zero-CVE Java containers The partnership between Azul and Chainguard is positioned as a direct response to challenges identified by industry research. The joint offering will deliver zero-CVE containers for Java versions 21 and above, built from Azul's source code and supported commercially through Azul's Java expertise. Customers are expected to benefit from a streamlined way to secure Java application foundations, reducing overall risk exposure and enabling more consistent, reliable deployments. The new container images will be constructed entirely from source and tested in accordance with the Java Compatibility Kit, providing assurance of compatibility and feature parity. Azul's approach to stabilised, security-only Critical Patch Updates gives engineering teams the opportunity to deploy updated Java images more efficiently, minimising manual patching and testing efforts. This is intended to help organisations redirect development resources away from platform maintenance and towards application delivery. "Our customers need solutions that reduce risk and build trust at every layer of their modern software deployment stack," said Dan Lorenc, co-founder and CEO at Chainguard. "Today, we're bringing Chainguard's expertise in building minimal, zero-CVE images and Azul's expertise in Java together to create the most secure, commercial-grade containers for cloud-native workloads." Scott Sellers, co-founder and CEO at Azul, added: "Choosing a hardened container shouldn't mean sacrificing timely security-only updates and commercial support services for your Java runtimes. Today, we're excited to offer enterprises best-in-breed hardened Java containers from Chainguard while leveraging world-class commercial support from Azul." Customers adopting Azul Java container images through Chainguard Containers will have access to commercial Java support within the Azul Platform Core portfolio. This ensures ongoing access to patches and direct assistance for Java runtime issues in critical enterprise environments.

Techday NZ

4 days ago

• Techday NZ

Oracle launches air-gapped cloud for security & sovereignty

Oracle has unveiled Compute Cloud@Customer Isolated, a fully air-gapped cloud service designed for use by governments and regulated sectors needing stringent control over their data. This offering is positioned to address the requirements of agencies and industries with significant mission-critical security and compliance obligations, including sectors such as defence, intelligence, telecommunications, and healthcare. Compute Cloud@Customer Isolated has been launched as a deployable option that can be separated from the internet, a configuration commonly required to support sensitive and classified workloads. Security and sovereignty The new service is engineered to mitigate the risk of external threats, with a focus on data sovereignty tailored for entities with strict regulatory and security needs. According to Oracle, this is an area of particular importance in Australia and New Zealand, where national security and data handling regulations are strong priorities for government and critical infrastructure operators. Matt Leonard, Vice President, Edge Cloud Product Management at Oracle, said: "Protecting national security has always been a top priority for Oracle. Oracle Compute Cloud@Customer Isolated is designed to help regulated industries benefit from the cloud and AI, while also providing the flexibility to deploy anywhere." Compute Cloud@Customer Isolated provides organisations with access to the same compute, storage, and networking capabilities available from Oracle's existing Compute Cloud@Customer offering, but adds the option for an isolated deployment. This is intended to enhance organisations' abilities to accelerate artificial intelligence development and improve efficiency, whilst maintaining comprehensive data sovereignty and control over the underlying infrastructure. Deployment flexibility The system can be installed as a single rack and scaled up according to need, granting government and regulated sector customers the ability to quickly deploy Oracle Cloud Infrastructure (OCI) Compute services on their own premises—in isolated environments designed for locations with unique sovereignty demands. This capability is expected to make it viable for defence users and other sensitive operations to begin or expand cloud migration in regions where mission requirements dictate the need for air-gapped technology. Oracle presents multiple migration paths, including a Fast-Start option, which can deliver the Compute Cloud@Customer Isolated service on premises within six to eight weeks. This pathway allows customers to later develop a full Oracle Cloud Isolated Region as their requirements evolve. Alternatively, customers can take a phased approach, progressing from edge computing solutions, through isolated cloud deployments, and up towards a fully disconnected Oracle Cloud Isolated Region. This Isolated Region is entirely separate from public clouds and the wider internet, designed to provide control and security specifically demanded by defence and other regulated clients. Partner comments Andy Laidler, Chief Digital Officer for Fujitsu Defence and National Security, addressed the importance of robust and portable connectivity for organisations whose operational backbone now depends on digital services: "As digital services become the operational backbone—from logistics to command and control—forces need connectivity that moves with the mission. Fujitsu's Secure Cloud solution incorporates the full range of Oracle deployment options to ensure we deliver capability where it is needed most. Oracle Compute Cloud@Customer Isolated provides a secure, isolated environment and access to data anywhere, anytime, and under all conditions to help propel mission success." The Compute Cloud@Customer Isolated service will be made available globally later in the year, expanding Oracle's suite of cloud infrastructure offerings to clients operating under the world's most stringent data control laws. Follow us on: Share on:

Techday NZ

4 days ago

• Techday NZ

Oracle launches defence ecosystem to boost security tech ties

Oracle has announced the Oracle Defense Ecosystem, a global initiative intended to transform the way that defence and government technology is delivered. The Oracle Defense Ecosystem is aimed at strengthening the national security infrastructure for the United States and its allies by enabling more efficient collaboration between technology innovators and government and defence organisations. The initiative seeks to remove longstanding barriers that have limited access to the latest cloud and artificial intelligence (AI) technologies within national security sectors. Access to technology National security organisations have often struggled to incorporate emerging technology due to complex procurement procedures, stringent qualification criteria, and the necessity for established networks within the Defence Industrial Base. Oracle's ecosystem is designed to address these issues by offering direct support and resources for defence tech providers. According to Oracle, its cloud infrastructure—Oracle Cloud Infrastructure (OCI)—forms the backbone of these efforts and is already recognised for meeting strict compliance requirements demanded by the defence and government sector. The initial set of organisations participating in the ecosystem includes Arqit, Entanglement, Fenix Group (now part of Nokia Federal Solutions), Koniku, Kraken, Mattermost, Metron, SensusQ, and Whitespace. "Nothing is more important than the national security of the U.S. and its allies, and Oracle has been a cornerstone of this mission for nearly 50 years," said Rand Waldron, Vice President, Oracle. "Oracle and our defense ecosystem plans to innovate and scale to help the U.S. and its allies deter conflicts and win on physical and digital battlefields." Membership benefits The Oracle Defense Ecosystem is designed to offer accelerated growth opportunities for organisations working within the defence and government technology sectors. Participating members are able to access a number of Oracle-facilitated resources and support services, across a wide spectrum of business and technical areas. Through Oracle Sales Support, member organisations can utilise the expertise of Oracle's sales team. This is intended to aid in crafting industry-specific messaging and tailored solutions that match the varied needs of global defence customers. Members are also encouraged to leverage technology and solutions developed within the ecosystem, offering them an expanded portfolio to address unique challenges. One of the cornerstone partnerships highlighted is with Palantir, offering access to Palantir Foundry and Artificial Intelligence Platform (AIP) on Oracle Cloud Infrastructure. This integration allows early-stage defence technology firms to deploy enterprise-grade software for operations, product development, natural language model integration, as well as security and governance requirements. Through direct listing on the Oracle Cloud Marketplace, members are able to make their solutions accessible to customers in all OCI regions, supported by a continuous integration and continuous deployment pipeline for delivering feature enhancements consistently across the globe. Streamlining compliance Defence and government organisations operate with rigorous security standards, and Oracle says the ecosystem is structured to help companies meet these swiftly. Through guidance from Oracle's executive advisors and specific solutions such as the OCI Core Landing Zone, members may accelerate their path to Cybersecurity Maturity Model Certification (CMMC) compliance, saving significant time on manual processes and cloud architecture setup. In addition, Oracle provides frameworks such as the Cloud Native Secure Cloud Computing Architecture (SCCA) Landing Zone, aimed at reducing time and costs associated with SCCA-compliant deployments and standardising security across systems portfolios. Members also have access to documentation and Oracle's expert guidance in these specialised areas. Business operations and support Participants in the Oracle Defense Ecosystem will receive access to business management tools with preferred pricing for Oracle NetSuite, its AI-based management suite, which is utilised by more than 42,000 organisations globally. This solution facilitates streamlined business operations and provides a scalable platform for future growth. Additionally, organisations within the initiative can benefit from access to secure office facilities used to support defence customers, as well as training and certification credits available via Oracle University for cloud infrastructure, applications, and databases. The introduction of the Oracle Defense Ecosystem marks an effort to lower technological and procedural barriers for defence and government tech innovators, while aligning them with cloud and AI tools and resources required to serve complex national security requirements.