In this episode of DEMO, host Keith Shaw sits down with Erik Costlow, Senior Director of Product Management at Azul, to explore how the company’s is transforming Java application management for enterprises.Learn how Azul helps organizations:* Automatically identify and eliminate unused legacy Java code* Prioritize real security vulnerabilities instead of chasing false alarms* Reduce software maintenance burdens and technical debt* Gain full visibility into Java licensing, inventory, and complianceWhether you're a VP of Engineering, software architect, DevOps lead, or CIO, this conversation is packed with insights on how to streamline Java-based infrastructures and reduce risk—while freeing up engineering time for innovation.?? Watch the full demo above and read the full transcript below for easy reference or accessibility.
Register Now
Keith Shaw: Hi everybody. Welcome to DEMO, the show where companies come in and show us their latest products and platforms. Today, I’m here with Erik Costlow. He is the Senior Director of Product Management at Azul. Welcome to the show, Erik.
Erik Costlow: Thank you for having me. I'm always excited to talk about Java.
Keith: All right, so tell me a little bit about Azul. We're going to talk about Java, and then I’ve got another question for you after that. Erik: Absolutely.
Azul is the world’s largest company entirely focused on Java. For all the companies that write Java applications and run their software on Java, it can be that critical piece of infrastructure they don’t want to worry about.
If companies are great at Java, we can help them do even better. And if they just need their business to operate, we can take that Java portion off their plate.
Keith: A lot of people who come on the show talk about generative AI and all the newest trends. When I first heard about this topic, I thought — Java? Is that still a thing? Is it still around?
I think you mentioned before the show that you actually get mocked at events when you talk about it.
Erik: We have a lot of people who like to hate on Java. But the simple fact is, it’s used across virtually every enterprise. It runs in autonomous robots in the ocean, on the planet Mars, and in nearly every company around the world.
Java has become so pervasive in the tech industry that we don’t even notice it anymore.
Keith: So, what are the big problems companies are having with Java these days?
Erik: There are quite a few. One of the problems that Intelligence Cloud is designed to solve is helping VPs of engineering manage the sheer volume of Java in their organizations. Many companies have a lot of it.
We help reduce the maintenance workload by identifying code that no longer needs to be maintained, even though people are still spending time on it.
Keith: And obviously with company turnover, there may be new employees who have no idea what code is even in place. If there’s no solid inventory system, it could be everywhere in the enterprise, right? Erik: Exactly.
When companies go through a lot of hiring, every engineer writes new code, makes sure it’s tested, and keeps adding. But no one ever removes the legacy code. Over time, applications become bloated and complex. We're helping companies slim that down to reduce their maintenance burden.
Keith: So, what would companies be doing if they didn’t have the benefits of Intelligence Cloud?
Erik: Honestly, not much. Nobody's really deleting code. I had someone tell me the other day that they accomplished more in a single afternoon with our tool than they had with other code dependency tools in years.
Keith: Why is unused code such a problem for CIOs?
Erik: It comes down to time. Your senior engineers are spending their time maintaining old code rather than innovating. Imagine how much more productive your competitors can be when they’re not bogged down by maintenance.
Shifting effort away from maintaining legacy code and toward building new features helps companies stay competitive and deliver more value.
Keith: And there are potential security flaws in old Java code or older versions, right? Erik: Right.
There are various security vulnerabilities across the Java ecosystem, especially for those running on older JDKs. Many security tools today flag everything as vulnerable, but Java applications often include libraries that aren’t even used. We help teams identify which vulnerabilities actually load in the application.
That way, they can focus on the ones that matter and ignore or remove the rest.
Keith: When you talk with clients, they also mention issues with licensing, right? Erik: Yes.
A lot of people face licensing issues — sometimes they feel like they’re being shaken down. We help them maintain a full Java inventory, track where Java is used, which vendor and version it is, and what it’s doing. This helps them move to OpenJDK and avoid those surprise bills.
Keith: Sounds like a lot of great stuff here. So let’s jump into the demo. Erik: Absolutely.
Intelligence Cloud is focused on helping VPs of engineering save time for their senior engineers. I’ve preloaded a couple of reports. The entire product is API-based, so you don’t have to use the UI — you can integrate the insights directly into your workflows.
The first capability I want to show is code inventory. It helps identify areas where teams can save time. For example, we had one customer reclaim the equivalent of 29 engineers’ worth of time by reducing unnecessary maintenance.
Keith: And what are we looking at here? I see green—does that mean good?
Erik: Green generally means good—in this case, it means "used." We track all the classes and methods that load in your application, and we also identify what doesn’t load. This helps engineering teams clean up legacy code they no longer use.
For instance, in this app, we can see that some database accessor methods are used heavily — but others, like getDateFromNumber or getEpochDate, are never used. So engineers can stop maintaining that unused code.
Keith: Would they just delete the code? Or is it just useful to know it’s not being used?
Erik: The first step is awareness. Right now, engineers assume all code is active, so they maintain everything. We've seen people making commits to code that’s never actually run. We help identify unused code, then teams can mark it as deprecated before eventually removing it. Keith: All right.
You’ve got another cool feature to show us? Erik: Yes.
Let’s look at vulnerability detection. Security is a top priority, but just because a vulnerability is reported doesn’t mean it can actually affect your application. It’s about prioritization.
Keith: Yeah, it would be frustrating to fix a vulnerability only to find out it’s in code no one uses. Erik: Exactly.
It creates unnecessary fire drills. When everything is marked a priority, nothing really is. For example, in this chart, about 25% of reported vulnerabilities never actually run. So, I should worry about the ones in H2, Postgres, or Logback — but not SnakeYAML, because that functionality isn’t even loaded.
Keith: Or hand it off to the intern.
Erik: You can do a lot with interns!
Keith: One more thing you’re going to show us — licensing? Erik: Yes.
On the licensing side, we keep track of where Java is used, what it’s doing, which host it’s on, and which vendor it's from. This helps teams ensure they’re running the right versions, avoid vendors they don’t want, and stay on top of patching and compliance. Keith: Sounds great.
Do you offer free trials? Where can people go to try it out? Erik: Absolutely.
We always offer free trials and are happy to work with teams to help them understand how Intelligence Cloud can help. Just head to azul.com.
Keith: Erik Costlow from Azul, thanks again for being on the show — and for the demo. Erik: Thank you very much. Keith: That’s all the time we have for today’s episode. Be sure to like the video, subscribe to the channel, and leave your thoughts in the comments.
Join us every week for new episodes of DEMO. I’m Keith Shaw — thanks for watching.
Sponsored Links