📘 This case study is part of our Java Licensing and Audit Defense Case Studies series. For complete Java audit guidance, see Java Audit Defense Service.
Executive Summary — $4 Million Claim, Zero-Cost Resolution
A leading global manufacturer of material handling equipment — with approximately 20,000 employees worldwide and operations spanning dozens of countries — was confronted with a $4 million Oracle Java compliance claim. Oracle alleged that the company's widespread use of Java SE across development environments, production servers, and shop-floor manufacturing control systems was unlicensed under Oracle's post-2019 Java licensing terms, and demanded retroactive subscription fees plus forward-looking subscription commitments calculated on the company's entire global headcount.
Redress Compliance was engaged to defend against the claim. Through a systematic four-phase approach — comprehensive Java estate assessment, deployment optimisation and remediation, entitlement and contract analysis, and strategic negotiation — the $4 million claim was resolved at zero cost. The company did not purchase a single new Java licence or subscription. Oracle withdrew the claim entirely.
This case study documents the methodology, the specific tactics employed at each phase, and the lessons that any enterprise facing an Oracle Java audit can apply. It demonstrates that Oracle's audit claims, however alarming their initial numbers, are built on assumptions that can be systematically challenged when the customer has accurate data, deep licensing expertise, and a credible remediation strategy.
| Metric | Value |
|---|---|
| Industry | Manufacturing — material handling equipment |
| Global employees | ~20,000 |
| Oracle's initial Java claim | $4,000,000 |
| Final resolution cost | $0 |
| Savings achieved | $4,000,000 (100% reduction) |
| Future annual cost avoidance | $1.6M+ per year in avoided subscriptions |
| Engagement duration | ~8 weeks from engagement to resolution |
| Advisory partner | Redress Compliance |
Client Background — A Complex Manufacturing Environment With Deep Java Dependencies
The client is a globally recognised manufacturer of material handling equipment — forklifts, warehouse automation systems, and fleet management technology used by logistics and manufacturing companies worldwide. With approximately 20,000 employees across manufacturing plants, distribution centres, corporate offices, and R&D facilities in multiple countries, the company operates a complex IT landscape that reflects the demands of modern industrial manufacturing.
Java's Role in the Business
Java technology was deeply embedded across the company's IT estate, serving multiple critical functions. Internally developed software — including fleet management applications, warehouse control systems, and manufacturing execution systems — was built on Java. Enterprise applications from third-party vendors (including supply chain, ERP, and quality management systems) relied on Java runtimes. Development environments used Java Development Kits (JDKs) for ongoing software engineering. And critically, embedded systems on the shop floor — devices controlling forklift operations, automated guided vehicles, and sensor networks — incorporated Java runtimes.
This meant Java was not confined to traditional server rooms. It existed across factories, warehouses, developer workstations, and field-deployed devices.
Historical Java Licensing Posture
Like many manufacturing enterprises, the company had used Oracle's Java SE for years under the assumption that it was freely available for commercial use — which had been largely true prior to Oracle's licensing changes. The company had a modest Oracle software relationship (primarily database licences for some corporate systems) but had never purchased separate Java licences, as Java had historically been distributed at no charge. When Oracle announced its Java licensing changes in 2019 and subsequently shifted to the employee-based Java SE Universal Subscription model in January 2023, the company's IT team was aware of the changes but had not assessed the full implications for their extensive Java estate.
The Trigger — Oracle Initiates a Java Licensing Review
In mid-2023, the company received a communication from Oracle's licence management team requesting a "Java licensing review" — Oracle's standard terminology for what is, in practice, a compliance audit targeting Java SE usage. The communication cited Oracle's records indicating that the company had downloaded Oracle Java updates and that its Java deployment may not be covered by a current subscription.
Oracle's Initial Assessment and Claim
Over the following weeks, Oracle's audit team requested information about the company's Java environment. Based on the data gathered — combined with Oracle's own download tracking records — Oracle presented a compliance assessment alleging that the company's Java installations across development, production, and embedded environments were unlicensed. Oracle calculated the compliance claim using its employee-based Java SE Universal Subscription model: 20,000 employees x $15 per employee per month x a retroactive period plus forward subscription commitment.
| Oracle's Claim Component | Basis | Amount |
|---|---|---|
| Retroactive Java SE licence fees (2019–2023) | 20,000 employees x historical subscription rate x back period | ~$2,400,000 |
| Forward annual Java SE subscription | 20,000 employees x $15/month ($180/year) | ~$1,600,000/year |
| Total initial claim | Retroactive + first year forward | ~$4,000,000 |
The Impact on the Business
The $4 million claim represented a significant unbudgeted cost for the company. Java had never been a material IT expense, and no budget allocation existed for Java licensing. The claim created immediate alarm at the executive level — the CIO and CFO were confronted with a multi-million-dollar demand for software the company had previously considered free.
Oracle's tactics added urgency: the audit team implied that every instance of Oracle Java on virtualised servers and employee workstations required a paid subscription, and that continued unlicensed use would expose the company to further legal and financial risk. Facing aggressive timelines, escalating pressure from Oracle, and the genuine complexity of determining the company's actual Java compliance position across a global manufacturing environment, the company engaged Redress Compliance to defend against the claim.
🛡️ Received an Oracle Java Licensing Review Notice? Do not respond substantively to Oracle before engaging independent advisory support. See our What to Expect in an Oracle Java Audit guide for immediate steps.
Java Audit Defense →Phase 1 — Comprehensive Java Estate Assessment
Redress Compliance's first action was to establish the facts. Oracle's $4 million claim was based on assumptions about the company's Java usage that needed to be verified — and challenged — with hard data.
Full Environment Discovery
Redress deployed a comprehensive Java discovery process across the company's entire global IT estate: production servers (physical and virtualised) across manufacturing plants and data centres, development and testing environments in R&D facilities, corporate desktops and laptops, CI/CD build pipelines, shop-floor embedded systems and industrial control devices, and cloud-hosted instances.
The discovery used a combination of SAM tool scanning, custom java -version enumeration scripts, and manual verification for embedded systems that were not accessible to standard scanning tools. The goal was to identify every Java installation — Oracle JDK, Oracle JRE, and non-Oracle Java distributions — across every environment.
Vendor Attribution — Oracle vs Non-Oracle
A critical finding emerged during the assessment: a substantial portion of the company's Java installations were not Oracle's Java at all. Many servers and development workstations had been set up with OpenJDK or other non-Oracle distributions by IT teams who had informally adopted open-source Java in response to Oracle's licensing changes. These non-Oracle Java installations were incorrectly included in Oracle's claim — Oracle's audit methodology had assumed that all Java installations were Oracle's distribution without verifying the vendor attribution.
Usage Context Mapping
For each confirmed Oracle Java installation, Redress documented the usage context: which application depended on it, whether it was in production, development, or testing, who owned the system, and whether the installation was actively used or a dormant artefact from a previous deployment. This contextual data was essential for the negotiation strategy that followed.
Key Finding — Phase 1: The assessment revealed that Oracle's claim significantly overstated the company's actual Oracle Java footprint. A substantial number of installations flagged by Oracle were non-Oracle Java distributions (OpenJDK, Amazon Corretto), decommissioned or dormant systems no longer in active use, or development/testing environments with limited or no Oracle Java exposure. This data formed the foundation for challenging Oracle's claim.
Phase 2 — Deployment Optimisation and Remediation
With the assessment complete, Redress worked with the company's IT teams to actively reduce the Oracle Java footprint — removing or replacing Oracle JDK installations wherever possible to shrink the scope of any potential compliance obligation.
Non-Essential Oracle JDK Removal
Installations of Oracle JDK that were not required — dormant installations on decommissioned application servers, redundant JDK copies on developer workstations, and Oracle JRE installations on corporate desktops where no Java application was actually used — were systematically uninstalled. This was the lowest-effort, highest-impact remediation action: removing software that serves no purpose but creates compliance exposure.
OpenJDK Replacement
For active Java deployments where the application did not specifically require Oracle's distribution, Redress coordinated the replacement of Oracle JDK with Eclipse Temurin (OpenJDK). This included developer workstations and build environments (where the JDK vendor is functionally irrelevant), internal applications built on standard Java APIs with no Oracle-specific dependencies, and containerised workloads where the Java runtime could be swapped by updating the base image.
Regression testing confirmed that all migrated applications performed identically on OpenJDK — consistent with the technical reality that Oracle JDK and OpenJDK are built from the same source code.
Embedded Systems Assessment
The shop-floor embedded systems presented a unique challenge. Manufacturing control devices running Java on specialised hardware required careful evaluation. Redress determined that several of these systems used Java runtimes provided by the device manufacturer under OEM agreements — meaning the Java licence was covered by the equipment vendor's Oracle OEM licence, not by the company's own Java subscription obligation. Other embedded systems were running older Java versions that predated Oracle's licensing changes and were covered under the original free-use terms.
| Remediation Category | Action Taken | Impact on Oracle's Claim |
|---|---|---|
| Non-essential Oracle JDK removal | Uninstalled dormant/redundant Oracle JDK | Directly removed from scope |
| OpenJDK replacement (dev/test) | Replaced Oracle JDK with Eclipse Temurin | No longer Oracle JDK — excluded from claim |
| OpenJDK replacement (production) | Migrated internal applications to Temurin | Reduced production Oracle JDK to near-zero |
| OEM-covered embedded systems | Verified OEM Java licence from equipment vendors | Excluded — covered under vendor OEM agreement |
| Legacy version entitlement | Verified free-use entitlement for pre-2019 Java versions | Excluded — not subject to post-2019 licensing |
Phase 3 — Entitlement and Contract Analysis
While the deployment optimisation was reducing the physical Oracle JDK footprint, Redress simultaneously conducted a thorough analysis of the company's existing Oracle contracts and entitlements to identify any Java coverage that Oracle's audit team had overlooked or ignored.
Existing Oracle Agreement Review
Redress reviewed every Oracle contract in the company's portfolio — Oracle Master Agreement, ordering documents, licence grants, support contracts, and any associated amendments. The analysis focused on identifying any clause, entitlement, or bundled component that provided Java SE coverage.
Key finding: the company's Oracle Database licences included bundled Java runtimes for use in connection with the database — a common entitlement that Oracle's audit team had not credited. While this bundled Java was limited in scope (covering only the database-related Java usage), it eliminated a meaningful portion of the remaining Oracle Java installations from the compliance gap.
OEM Licence Verification
For third-party enterprise applications that shipped with Oracle JDK as a bundled component, Redress contacted each vendor to verify whether their Oracle OEM agreement covered the Java runtime. Multiple vendors confirmed that their OEM licences included Java SE for the specific use of their software products. These installations were documented and excluded from Oracle's claim.
Historical Entitlement Mapping
Redress mapped historical Java download and deployment timelines against Oracle's evolving Java licensing policies. Java deployments that occurred under Oracle's earlier free-use terms (pre-April 2019) and had not been updated to newer versions were not subject to the post-2019 subscription requirement. This historical analysis further narrowed the window of alleged non-compliance.
Key Finding — Phase 3: Oracle's audit team had failed to account for existing entitlements that covered a meaningful portion of the company's Java usage. The combination of Oracle Database bundled Java entitlements, OEM-covered installations from third-party vendors, and historical free-use entitlements for older Java versions significantly reduced the scope of genuinely unlicensed Java — which had already been reduced to near-zero through the Phase 2 remediation.
Phase 4 — Strategic Negotiation and Claim Resolution
With the assessment complete, remediation executed, and entitlements documented, Redress assembled the evidence package and engaged Oracle's audit team in fact-based negotiations.
The Counter-Position
Redress presented Oracle with a comprehensive counter-analysis demonstrating that the $4 million claim was not supportable based on actual facts. The presentation included a verified Java estate inventory showing that the majority of installations were non-Oracle Java (OpenJDK/Corretto) — not licensable by Oracle, documentation of all Oracle JDK installations that had been removed or replaced during the remediation phase, evidence of existing entitlements (Oracle Database bundled Java, OEM-covered installations, historical free-use entitlements) that covered remaining Oracle Java usage, and a clear timeline showing that the company's actual licensable Oracle JDK exposure — after remediation and entitlement credit — was effectively zero.
Challenging Oracle's Methodology
Redress specifically challenged several assumptions in Oracle's audit methodology. Oracle had assumed all Java installations were Oracle's distribution — the assessment proved many were OpenJDK. Oracle had applied the employee-based metric to the entire 20,000-person headcount — but the remediated estate showed no remaining licensable Oracle JDK in production. Oracle had not credited existing entitlements from the company's Oracle Database licences or third-party OEM agreements. Oracle had applied retroactive charges to a period where many installations were covered under pre-2019 free-use terms.
The Resolution
Faced with Redress's detailed, fact-based counter-position — and recognising that the company had demonstrably remediated its Java estate and could document existing entitlements for any remaining Oracle Java — Oracle withdrew the $4 million claim. The company did not purchase a single Java licence or subscription. The issue was resolved at zero cost.
| Oracle's Claim Element | Oracle's Position | Redress Counter-Position | Outcome |
|---|---|---|---|
| All Java installations are Oracle's | Assumed all Java = Oracle JDK | Proved substantial portion was OpenJDK/Corretto | Non-Oracle Java excluded |
| 20,000 employees in scope | Full headcount metric applied | No remaining licensable Oracle JDK after remediation | Employee metric not applicable |
| Retroactive fees (2019–2023) | Full back period at subscription rates | Historical entitlements + pre-2019 free-use terms | Retroactive period eliminated |
| Embedded system Java | Included in compliance gap | Covered under OEM agreements from device vendors | Excluded from claim |
| Oracle Database bundled Java | Not credited in audit assessment | Existing entitlement documented from Oracle contracts | Credited against installations |
| Total claim: $4,000,000 | $4M demanded | $0 owed after analysis and remediation | Claim withdrawn — $0 cost |
📊 Want to assess your Oracle Java compliance exposure? Our free assessment tool identifies risks and remediation opportunities across your Java estate.
Oracle Assessment Tools →Outcomes and Business Impact
The resolution of the Oracle Java audit claim at zero cost produced immediate and lasting benefits for the company across financial, operational, and strategic dimensions.
| Impact Category | Metric | Value |
|---|---|---|
| Immediate savings | Audit claim eliminated | $4,000,000 |
| Annual cost avoidance | Java SE subscription not purchased | $1,600,000/year |
| 3-year total financial benefit | Immediate + avoided subscription | $8,800,000 |
| Java governance | Complete global Java inventory | First-ever comprehensive documentation |
| Ongoing compliance risk | Oracle JDK in environment | Eliminated — fully migrated to OpenJDK |
| Future audit exposure | Defensible position documented | Zero — clean environment with evidence |
Immediate Savings
The full $4 million Oracle Java audit claim was eliminated without any payment to Oracle. The company did not purchase a single Java licence or subscription.
Annual Cost Avoidance
The company avoided approximately $1.6 million per year in ongoing Java SE Universal Subscription costs that Oracle had proposed as the forward-looking licensing requirement.
3-Year Total Benefit
Over a typical 3-year Oracle agreement term, the total financial benefit — immediate savings plus avoided subscription — exceeded $8.8 million.
The assessment and remediation process produced a complete, documented inventory of every Java installation across the company's global IT estate — a governance asset that did not exist before the engagement. The migration to OpenJDK for non-essential Oracle JDK installations improved the company's flexibility by eliminating dependency on Oracle for Java runtime updates and security patches. The embedded systems OEM licence verification provided clarity that protected the company against future claims related to shop-floor Java usage.
Lessons for Enterprises Facing Oracle Java Audits
This engagement illustrates several principles that apply broadly to any enterprise facing an Oracle Java audit. These lessons are drawn directly from the tactics and outcomes of this case.
Oracle's Numbers Are a Starting Position, Not a Final Obligation
Oracle's $4 million claim was not a calculation of actual compliance liability — it was a theoretical maximum designed to create urgency and anchor negotiations. The actual compliance gap, once properly assessed, was effectively zero. Never accept Oracle's initial numbers at face value. Always conduct your own independent assessment before responding substantively.
Vendor Attribution Is the Single Most Important Data Point
A substantial portion of Oracle's claim was based on the incorrect assumption that all Java installations were Oracle's distribution. Proving that many installations were OpenJDK or other non-Oracle distributions immediately excluded them from the claim. SAM tools and custom scripts must be configured to capture vendor attribution.
Existing Entitlements Are Often Overlooked — By Both Sides
Oracle's audit team did not credit the company's existing Java entitlements from Oracle Database licences and third-party OEM agreements. These entitlements existed in the company's Oracle contracts but had never been mapped to actual Java deployments. A thorough entitlement review is an essential component of any audit defence.
Remediation During the Audit Changes the Calculus
The company did not wait for the audit to conclude before taking action. By actively removing unnecessary Oracle JDK installations and migrating to OpenJDK during the engagement, they reduced the compliance gap in real time. Oracle cannot charge for software that has been demonstrably removed. Every installation eliminated during the audit period directly reduces the claim.
Expert Advisory Transforms the Outcome
The company's internal IT team did not have the licensing expertise to interpret Oracle's Java audit methodology, identify entitlement credits, or construct a defensible counter-position. Engaging Redress Compliance provided the specialised knowledge that transformed a $4 million demand into a $0 resolution. The ROI on advisory is not marginal — it is transformative.
"Redress Compliance turned a potential $4 million nightmare into a non-issue. Their expertise in Oracle Java licensing and audit defense was evident from day one. With Redress guiding us, we achieved full compliance without paying Oracle a cent. We not only saved millions but also learned how to manage our Java usage strategically to avoid future risks."
CIO — Global Manufacturing Company
Applying This Approach to Your Organisation — The 10-Step Framework
The methodology that produced the zero-cost resolution in this case study is repeatable. Any enterprise facing an Oracle Java audit can apply the same structured approach.
| # | Action | Owner | Timeline |
|---|---|---|---|
| 1 | Receive Oracle inquiry — acknowledge receipt; provide no substantive data; engage advisory support | Procurement / Legal | Day 1–5 |
| 2 | Conduct comprehensive Java discovery across all environments (production, dev, test, embedded, cloud) | IT / SAM Team | Week 1–3 |
| 3 | Classify all Java installations: Oracle JDK, OpenJDK, OEM-bundled, dormant/decommissioned | IT / Advisory | Week 2–4 |
| 4 | Review all Oracle contracts and third-party vendor agreements for existing Java entitlements | Procurement / Legal / Advisory | Week 2–4 |
| 5 | Remove non-essential Oracle JDK installations (dormant, redundant, unused) | IT | Week 3–6 |
| 6 | Migrate replaceable Oracle JDK installations to OpenJDK (dev, test, eligible production apps) | IT / Application Teams | Week 3–8 |
| 7 | Verify OEM Java licence coverage for third-party and embedded system Java installations | Procurement / Advisory | Week 3–5 |
| 8 | Assemble counter-position: verified inventory, entitlements, remediation evidence, exclusions | Advisory / Legal | Week 6–7 |
| 9 | Present counter-position to Oracle; challenge each element of their claim with documented evidence | Lead Negotiator / Advisory | Week 7–10 |
| 10 | Implement ongoing governance: policy, scanning, URL blocking, CI/CD enforcement to prevent recurrence | IT Governance | Week 10+ |
This framework — assessment, remediation, entitlement discovery, and strategic negotiation — has produced consistent results across Redress Compliance's Java audit defence engagements. While not every case results in a zero-cost resolution (the specific outcome depends on the client's actual Java estate and entitlement position), the methodology consistently achieves 60 to 100% reductions from Oracle's initial claims.
🛡️ Facing an Oracle Java audit? Redress Compliance provides independent advisory with deep expertise in Oracle's Java licensing mechanics, audit defence methodology, and negotiation tactics. Our Java practice has eliminated millions in Oracle Java claims worldwide.
Java Audit Defense Service →Frequently Asked Questions
Through four complementary actions: proving that a substantial portion of Java installations were non-Oracle distributions (OpenJDK, Corretto) not subject to Oracle licensing, removing unnecessary Oracle JDK installations from the environment, identifying existing entitlements (Oracle Database bundled Java, third-party OEM agreements) that covered remaining installations, and demonstrating that historical free-use terms applied to pre-2019 deployments. The combination reduced the genuine compliance gap to effectively zero.
Approximately 8 weeks from engagement to resolution. The assessment and remediation phases ran in parallel (weeks 1–6), with the entitlement analysis and negotiation overlapping in weeks 4–8. The key to the compressed timeline was starting remediation immediately rather than waiting for the assessment to complete.
No. The resolution was achieved at zero cost. The company did not purchase any Java SE subscriptions, did not pay any retroactive fees, and did not make any payment to Oracle related to the Java audit claim.
Four categories were excluded: non-Oracle Java distributions (OpenJDK, Amazon Corretto) that Oracle cannot licence, Oracle JDK installations that were removed during remediation (Oracle cannot charge for uninstalled software), installations covered under existing entitlements (Oracle Database bundled Java, third-party OEM agreements), and historical deployments covered under pre-2019 free-use terms.
Yes — Oracle retains audit rights under its Master Agreement. However, the company's post-engagement position is fully defensible: all Oracle JDK has been removed or covered by existing entitlements, an ongoing governance framework prevents Oracle JDK re-contamination, and the documented evidence package provides a permanent defence record. A future audit would find zero Oracle JDK exposure.
The specific zero-cost outcome depended on this company's circumstances — particularly the substantial non-Oracle Java installations, the available entitlements, and the successful remediation. Not every organisation will achieve a zero-cost resolution. However, the methodology consistently produces 60 to 100% reductions from Oracle's initial claims. The key variables are how much of your Java is actually Oracle's distribution, whether you have existing entitlements that have not been credited, and how quickly you can remediate non-essential Oracle JDK.
Critical. The migration of non-essential Oracle JDK installations to OpenJDK during the engagement directly reduced the compliance gap. Every installation migrated to OpenJDK was one fewer installation that Oracle could claim required licensing. The migration also demonstrated to Oracle that the company had a credible alternative — reinforcing the negotiation position.
Embedded systems running Java on manufacturing equipment were evaluated separately. Several were found to be covered under the equipment vendor's OEM agreement with Oracle — meaning the device manufacturer's licence covered the Java runtime bundled with their product. Others were running older Java versions under pre-2019 free-use terms. These findings were documented and presented to Oracle as exclusions from the claim.
The company implemented a comprehensive Java governance framework: an enterprise policy designating OpenJDK as the standard (prohibiting Oracle JDK without explicit approval), network-level blocking of Oracle JDK download URLs, automated monthly scanning across all environments to detect any Oracle JDK re-introduction, and vendor software screening to prevent third-party products from introducing Oracle JDK.
The advisory fee was a fraction of the $4 million claim — representing an ROI well in excess of 50:1. When the ongoing annual cost avoidance of $1.6 million per year is included, the total financial benefit over a 3-year period exceeds $8.8 million against a modest advisory investment. This ROI pattern is consistent across our Java audit defence engagements.
📚 More in This Series: Oracle Java Advisory
⭐ Oracle Advisory Services — Complete Guide What to Expect in an Oracle Java Audit Negotiation Tactics for Oracle Java Audits SAM Tools and Oracle Java Audits OpenJDK vs Oracle JDK — Migration Strategy Top Oracle Java Audit Triggers Java Compliance Assessment Service Java Audit Defense Service Java Advisory Services Oracle Audit Defense Service Java Licensing and Audit Defense Case Studies🧰 Oracle Tools and Resources: Oracle Assessment Tools | Oracle Audit Playbook | All Audit Defence Kits | All Renewal Playbooks | Enterprise Assessment Tools
🚀 Need Help With Your Oracle Licensing?
Redress Compliance has helped hundreds of Fortune 500 enterprises — typically saving 15 to 35% on Oracle renewals, ULA negotiations, and audit defense. Our team includes former Oracle licensing specialists who understand Oracle's audit methodology from the inside.
Oracle ULA Optimisation | Oracle Audit Defense | Java Audit Defense | Book a Consultation