Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. View our editorial policy here.

Java enablement platform company Azul recently announced the launch of its new compliance support offering. The suite of solutions addresses the compliance needs of organizations now under the mandate of the Digital Operational Resilience Act (DORA) across the European Union.

New tools address complex needs as DORA takes effect

Effective Jan. 17, DORA applies to financial institutions within the EU and organizations who actively conduct business in the region. The regulatory framework is built on five pillars of focus, including:

• ICT risk management
• ICT-related incident reporting
• Digital operational resilience testing
• ICT third-party risk
• Information sharing

Azul’s new solutions are tailored to each of the five pillars through a five-step plan that encompasses an action step for each pillar. With Azul’s support, partners supporting EU financial institutions can keep their Java instances with an added level of compliance and security. This comes as DORA brings a deeper scrutiny and expectation than many of the disparate national regulations before it.

“DORA represents a significant shift in how regulators are treating digital resilience as a requirement, not just a technical consideration,” Simon Taylor, the senior vice president of channel and alliances at Azul, told Channel Insider. “Although many jurisdictions outside of the EU have their own related legislation or directives, what businesses in those regions should pay attention to is the approach DORA is encouraging organizations to take to become compliant.  DORA is as much about the “carrot” of a framework and process for adoption, as it is the “stick” in terms of the implications of non-compliance. Many countries lack this integrated approach to cyber resilience.”

Azul’s offering includes:

• Fully supported, OpenJDK distributions through Azul Platform Core and Azul Platform Prime that ensure timely security updates and patches.
• Stabilized security-only updates across all Java versions, operating systems and architectures.
• Continuous vulnerability monitoring and accelerated remediation response time with Azul Intelligence Cloud.
• Expert guidance and support for migration from unsupported OpenJDK distributions.

Channel partners should already be aware of DORA and actively working to ensure clients remain compliant. Taylor said the first step for those who still need to start is to conduct impact assessments and determine the work that lies ahead.

“Our channel partners typically have a range of related services that play into the readiness and adoption of DORA. To start, channel partners should focus on helping their clients conduct thorough impact assessments of their Java infrastructures,” Taylor said. “This means identifying potential compliance gaps, such as unsupported OpenJDK distributions, but also weaknesses in Java security which create potential non-compliance issues. From that partners can then help clients develop clear strategies to address these outstanding issues.”

Azul enables Java implementation at scale

According to the 2022 FINOS State of Open Source in Financial Services report, 51% of the code within the financial services data set is written in Java. Azul was founded to support Java users with a suite of tools that simplify and secure a variety of Java use cases. The company’s extensive partner network stretches across the globe and i suspported through a formalized partner program with joint go-to-market capabilities and enablement support.

That partner network is comprised of VARs, solution providers, ISVs, and authorized distributors, with a tiered system in place for resellers. Azul also offers a variety of partner and customer services, including advisory support for its partners through compliance and other strategic needs.

In November, we reported on another offering dedicated to DORA compliance. Learn more about how Valiantys, HYCU, Lansweeper, and Appfire partnered to develop a new GRC offering.