The exploitation of known vulnerabilities will likely become the top security attack vector by 2026. Azul and RapidFort have entered into a strategic partnership to deliver near-zero CVE third-party hardened Java container images. The combination of RapidFort’s enterprise-grade hardened containers and Azul’s world-class Java support reduces vulnerabilities by up to 90%, vastly improving Java container security.
Organizations face mounting pressure to secure their software supply chains amid escalating cyber threats. According to Verizon’s 2025 Data Breach Investigations Report, the exploitation of vulnerabilities (CVEs) has seen another year of growth and will surpass credential abuse as the #1 security attack vector by 2026. This places an enormous burden on both security and development teams who must continuously patch and update systems.
Enterprises that rely on Java applications typically have a large Java estate that includes the four commonly used Long-Term Support (LTS) Java versions (8, 11, 17, 21) and a fifth (25) later this year. Fortunately, Azul and RapidFort have teamed up to deliver a set of jointly developed hardened Java container images that includes all Java LTS releases starting with Java 8.
The inclusion of all Java LTS releases is significant given the rapid enterprise adoption of hardened containers. Container-focused and security-minded Java customers can now seamlessly adopt the joint RapidFort/Azul images into all their existing projects to reduce their vulnerability patching burden while still benefitting from Azul’s curated Java runtimes and award-winning commercial support services.
Why protecting older Java versions matters
Java provides strong backward compatibility between major versions, so most applications compiled using a specific JDK version will continue to run on new versions without any code changes.
In the 2025 State of Java Survey & Report, each of the four versions that still has LTS (8, 11, 17, 21) is used by at least 23% of survey participants. In addition, 52% of participants use more than one version of Java, and some used as many as nine, so most Java-based organizations have a lot to think about when it comes to keeping their Java estates secure.
Oracle regularly issues Critical Patch Update (CPU, a stabilized security-only update) and Patch Set Update (PSU, the full update) for each LTS version. Both are essential to maintain the maximum level of JDK security, and Azul is the only company besides Oracle that provides both CPU and PSU updates. Organizations that combine RapidFort’s advanced container optimization technology with Azul’s Platform Core and Platform Prime runtimes for Java 8 and later can deploy hardened Java container images that reduce vulnerabilities by up to 90%, significantly shrinking the attack surface. Prime is ideal because it is optimized for performance and consistent low latency, and you don’t have to modify or recompile your existing Java code. Development teams benefit from less frequent patching, greater productivity, faster innovation, and stronger security.
Unlock value with enterprise-grade container images
The Azul/RapidFort partnership delivers several significant advantages for enterprise customers, including:
- Reduced Patching Burden: With fewer vulnerabilities to patch, security teams can focus on more strategic initiatives.
- Enhanced Supply Chain Security: Hardened container images anchor the entire software development lifecycle.
- Accelerated Development: Developers can build applications faster without compromising security.
- Regulatory Compliance: Hardened container images make compliance easier despite increasingly stringent security regulations and frameworks such as Network and Information Security Directive (NIS2), Cybersecurity Maturity Model Certification (CMMC), and Federal Risk and Authorization Management Program (FedRAMP).
- Lower Operational Costs: Better Java container security reduces both the maintenance burden and the risk of security incidents.
| Learn More |
|---|
| Azul Platform Core Azul Platform Prime RapidFort Product Overview Azul RapidFort Partner Page |
RapidFort/Azul containers are available now
The first set of jointly developed hardened Java container images is available immediately. These images include all Java LTS releases for both Azul Platform Core and Azul Platform Prime, starting with Java 8. Customers interested in enterprise-grade container security can request more information from RapidFort.
