Vulnerability Detection

Need help?

Schedule a consultation with an Azul performance expert.

Vulnerability Detection is a production-speed software composition analyzer. By using the JVM to retain information about loaded code, Azul Intelligence Cloud can apply analysis to look back and see where new Common Vulnerabilities and Exposures (CVEs) are used and/or present.

When Java applications launch with Vulnerability Detection, the JVM operates at full speed with an asycnchronous collector that communicates with Azul Intelligence Cloud. This data can later detect standard JAR files, shaded JARs, flattened JARs, and other packaging types.

By working in the JVM itself, the collector operates at peak speed and does not rely on instrumentation — this independence can collect data from applications where jlink removed the java.instrument module.

Vulnerability Detection reports are available:

Via the web user interface.
Via the API.