Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.
The latest Java release demonstrates a satisfying symmetry — JDK24 delivers exactly 24 JDK Enhancement Proposals (JEPs). Released on March 18, the newest update brings substantial improvements that address key operational challenges facing DevOps teams. With 14 production-ready features and 10 experimental and preview capabilities, JDK 24 offers meaningful enhancements for containerized deployments, microservices architectures, and cloud-native applications.
Let's dive into the most significant changes that will reshape how DevOps teams tackle Java deployment challenges in modern production environments.
Virtual Threads: The Game-Changer for Legacy Workloads
The introduction of virtual threads in JDK 21 marked a turning point for Java's concurrency model, promising millions of lightweight threads with minimal resource overhead. For DevOps teams managing high-throughput services in resource-constrained environments, this innovation offered a path to dramatic improvements in infrastructure utilization. However, a critical limitation dampened enthusiasm: synchronized blocks would "pin" virtual threads to carrier platform threads, effectively neutralizing many performance benefits in typical enterprise applications.
JEP 491 elegantly solves this problem by moving monitor association from platform threads to virtual threads. This architectural shift means virtual threads can now freely enter synchronized blocks without becoming bound to a platform thread — they can be unmounted and remounted naturally, even inside synchronized code. For DevOps professionals, this can translate to significantly improved performance metrics in cloud deployments and compute-intensive applications like AI workloads. Legacy codebases heavy with synchronized blocks — previously prime candidates for expensive rewrites — can now harness virtual thread benefits with minimal changes. This enhancement removes perhaps the most significant barrier to broad virtual thread adoption across enterprise applications.
Stream API Gets User-Definable Intermediate Operations
The Streams API introduced in Java 8 transformed how developers process collections, bringing functional programming patterns to mainstream Java. Until now, developers could customize terminal operations through the Collector interface but were limited to a fixed set of built-in intermediate operations. JEP 485 changes this with the new Gatherer interface, allowing developers to create custom intermediate stream operations with the same flexibility previously reserved for terminal operations. This enhancement is a useful expansion of the capabilities of the Streams API.
Developers can now create specialized filtering patterns or implement unique transformations that combine elements in specific ways. This functionality allows teams to encapsulate that logic in a reusable gatherer instead of chaining multiple operations together or falling back to imperative code, resulting in more maintainable and efficient code.
Startup Times Improved with Ahead-of-Time Class Loading
Java's "write once, run anywhere" approach — while providing excellent portability — has traditionally had performance costs, particularly during application startup. When launching a Java application, the JVM must load, verify, and link class files, a process that can add overhead.
JEP 483 introduces ahead-of-time class loading and linking as part of Project Leyden. This enhancement builds on Application Class Data Sharing (introduced in JDK 11) by making application classes instantly available in a pre-loaded and pre-linked state when the JVM starts.
The result is better application startup times by avoiding repeated class processing overhead. For microservices and serverless environments where rapid startup is critical, this improvement offers distinct benefits.
Security Manager: A Legacy Feature Makes Its Exit
Not all enhancements add features; thoughtful removal of outdated functionality often improves the overall platform. JEP 486 permanently disables the Security Manager, an artifact from Java's early days when applets ran in browsers and demanded strict security controls. In today's DevOps landscape, modern containerization, cloud-native security models, and infrastructure-level controls have rendered the Security Manager increasingly irrelevant.
By removing this legacy feature, JDK 24 becomes more streamlined and efficient. However, DevOps teams should note that any applications still relying on the Security Manager will require architectural changes to migrate to JDK 24. This represents a rare case where Java's backward compatibility is deliberately broken, so organizations should conduct thorough inventory assessments before upgrading affected systems.
Farewell to 32-bit x86
JEP 501 marks another step in Java's modernization by deprecating the 32-bit x86 port for removal. With the Windows 32-bit x86 port removed in JDK 24, only the Linux version remains, and it's now officially scheduled for removal. This change reflects the reality that virtually all modern systems run on 64-bit architectures. Maintaining compatibility with older hardware architectures represents an increasingly unnecessary burden on the Java platform.
Unsafe Memory-Access Methods Generate Warnings
The sun.misc.Unsafe class has long served as Java's unofficial interface for systems programming needs. JEP 498 introduces runtime warnings when memory-access methods from Unsafe are invoked, signaling another step toward eventually removing this JDK-internal API.
Modern alternatives like the VarHandle API and Foreign Function & Memory API now provide standardized ways to accomplish what developers previously needed Unsafe for. This change encourages developers to adopt safer and officially supported alternatives.
Looking Forward
JDK 24 represents continued advancement for the 30-year-old Java language. The alignment of 24 JEPs in JDK 24 demonstrates how effectively Java's six-month release cadence delivers regular, meaningful improvements rather than infrequent, disruptive updates.
From a DevOps perspective, the virtual thread improvements alone make this release compelling, while ahead-of-time class loading directly tackles one of the persistent operational challenges teams face: startup latency. These enhancements align perfectly with modern containerized deployment patterns, where fast startup and efficient resource utilization are critical metrics.
As organizations build and deploy microservices architectures, cloud-native applications, and AI workloads, JDK 24 demonstrates that Java remains a platform worth investing in. With the next long-term support release (JDK 25) coming in September 2025, teams have time to evaluate these improvements and plan their adoption strategy. After three decades, Java continues proving its adaptability to evolving infrastructure paradigms, making it as relevant in today's DevOps world as it was in enterprise deployments of the past.
Industry News
Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.
Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.
Lineaje launched new capabilities including Lineaje agentic AI-powered self-healing agents that autonomously secure open-source software, source code and containers, Gold Open Source Packages and Gold Open Source Images that enable organizations to source trusted, pre-fixed open-source software, and a software crawling and analysis engine, SCA360, that discovers and contextualizes risks at all software development stages.
Check Point® Software Technologies Ltd.(link is external) launched its inaugural AI Security Report(link is external) at RSA Conference 2025.
Lenses.io announced the release of Lenses 6.0, enabling organizations to modernize applications and systems with real-time data as AI adoption accelerates.
Sonata Software has achieved Amazon Web Services (AWS) DevOps Competency status.
vFunction® announced significant platform advancements that reduce complexity across the architectural spectrum and target the growing disconnect between development speed and architectural integrity.
Sonatype® introduced major enhancements to Repository Firewall that expand proactive malware protection across the enterprise — from developer workstations to the network edge.
Aqua Security introduced Secure AI, full lifecycle security from code to cloud to prompt.
Salt Security announced the launch of the Salt Model Context Protocol (MCP) Server, giving enterprise teams a novel access point of interaction with their API infrastructure, leveraging natural language and artificial intelligence (AI).
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of in-toto, a software supply chain security framework developed at the NYU Tandon School of Engineering.
SnapLogic announced the launch of its next-generation API management (APIM) solution, helping organizations accelerate their journey to a composable and agentic enterprise.
Apiiro announced Software Graph Visualization, an interactive map that enables users to visualize their software architectures across all components, vulnerabilities, toxic combinations, blast radius, data exposure and material changes in real time.
Check Point® Software Technologies Ltd.(link is external) and Illumio, the breach containment company, announced a strategic partnership to help organizations strengthen security and advance their Zero Trust posture.