Key Concepts of Azul Vulnerability Detection
This section discusses key concepts of Azul Vulnerability Detection.
Each term refers to a Java installation or runtime:
JVM is a Java Virtual Machine, referring to the Azul JVMs that are supported by Azul Vulnerability Detection.
JRE is a Java Runtime Environment, used to run a Java application.
JDK is a Java Development Kit, used to build, compile, and package Java applications.
An instance is a JVMs single run of a Java virtual machine. When you run the same app several times, each run is considered a separate instance. Each instance is given a unique ID called the "instance ID" or "vmID". You can use the instance ID to find your instance in the Azul Vulnerability Detection Web UI.
When your JVM connects to the Forwarder, the instance is registered automatically. Once connected, the JVM sends events and meta-information about the instance to the Azul Vulnerability Detection service. The JVM keeps sending events as long as the instance is running.
Azul Vulnerability Detection collects metadata about instances such as information about the JVM instance, libraries used by the app, and so on. The metadata is stored in the form of properties. A property has a name and one or multiple values. For example, the version of Java that was used to start the instance is a single-value property. The list of libraries used in an app is a multiple-value property.
The Azul JVMs are enhanced with the Connected Runtime Service (CRS) that allows detection and communication with the Azul Vulnerability Detection Forwarder. This runs inside the Java process and collects information about the instance.
By default, CRS is disabled and does not affect the runtime. To let it connect to the Forwarder, you have to enable it and set connection parameters.
A component is a Java library. When you run a Java app in a JVM, the app actually consists of the Java Class Library of the JVM, your application code in binary form, and your application dependencies (libraries). The Java Class Library is considered a component, your app code is another component, and each library is also a component.
The Forwarder is a component that facilitates communication between JREs on an internal network and Azul Vulnerability Detection. JREs communicate with the Forwarder, and it’s the only component to be configured to move through firewalls and segmented networks. It provides a single control point for organizations to monitor traffic.
A tag is a user-defined key-value pair that is associated with an instance. Tags are used to search, categorize, and group instances in the Azul Vulnerability Detection Web UI. Read more about tags in the Tagging Your Instances section.
A CVE (common vulnerabilities and exposures) refers to a vulnerability that is publicly known and available in the CVE List. Vulnerabilities are ranked by score (severity). Azul Vulnerability Detection analyzes your instances to detect whether they are subject to any known CVEs.