SoftwareOne reviewed the Oracle contracts to determine if the conglomerate had Java licenses or had purchased Oracle product licenses with restricted usage rights for Java. This was followed by analyzing tool output provided by the customer to detect Java installations. Interviews were conducted to ensure a clear view of the installed products’ purpose and to identify all compliance risks.
An in-depth review of the installed version was checked against a known vulnerability database to determine potential security risks. The SoftwareOne team detected a large number of installations at the highest risk level.
All the above was completed within one month and provided the customer with valuable insights. The CIO formed a team to mitigate the existing risks and avoid costly consequences. SoftwareOne’s input also provided the company with the feedback needed for defining a new Java strategy.