Broadcom Inc. (NASDAQ: AVGO), a global leader in semiconductor and infrastructure software solutions, has announced significant security investments for the Spring and Java ecosystems, which are adopted by more than half of the Fortune 500 companies.
With AI-detected security threats surging, the Tanzu division at Broadcom has released the largest open-source security update in the 23-year history of Spring. Furthermore, the company is expanding its proven architecture, originally built for Bitnami, to cover Java dependencies across the entire Spring ecosystem.
Purnima Padmanabhan, Senior Vice President and General Manager of the Tanzu division at Broadcom, stated, "As the sole maintainer of Spring, we have a significant responsibility to ensure security from the source code level." Security advisories reported from the Spring community increased more than 17-fold between March and April 2026, prompting Broadcom to significantly expand its AI-powered security analysis, including workflows based on frontier models to proactively identify and verify vulnerabilities.
For Tanzu Spring enterprise customers, Broadcom has initiated 'Day Zero' access to verified, CVE-dedicated patches before they are publicly released as open source. These patches are isolated from other functional changes, allowing for faster remediation. In addition, Broadcom continues to provide enterprise-grade support, including certified secure Spring libraries, commercial early releases for older versions, and automated upgrades via Spring Application Advisor.
FACT BOX
- Source: PR TIMES
- Category: New Product
- Organizations: Broadcom Inc.
- Products / services: Spring / Java