Solution leverages the company’s 30 years of open source experience, secure catalog of over 40M+ components, and hands-on expertise to help enterprises secure their software supply chain
ActiveState, the leader in secure open source and intelligent remediation, announced it has expanded its support of secure open source to include free and customized low-to-no vulnerability containers that facilitate modern software development. Coupled with the industry’s largest catalog of secure open source components (40M+ and growing), ActiveState’s container offering gives enterprises a one-stop solution for securing their software supply chain.
The challenge with many secure container offerings is that they stop at the base layer or offer limited customization options, leaving teams to handle the rest of their application dependencies themselves or engage in slow, expensive service contracts to get what they need. ActiveState’s secure container offering, which includes both free and customizable options, bridges the gap between secure base images and app dependencies by providing a selection of hardened base containers that can be further customized using ActiveState’s leading catalog of managed application dependencies and build expertise.
Cyber Technology Insights : Euclid Cyber Teams Up with cysmo to Boost Cyber Risk Assessment and Portfolio Management
“ActiveState has been securing open source software for enterprises for nearly 30 years now; adding low-to-no vulnerability container images to our catalog is a natural expansion of our focus,” said Stephen Baker, CEO, ActiveState. “We understand the urgent need for secure, easy-to-use container solutions. Our new offering not only solves a critical problem DevOps and security teams are looking to solve right now but also expands ActiveState’s reach, driving growth and reinforcing our position as the open source security partner of choice.”
ActiveState delivers container images for the most popular open source software languages used in enterprise application development today as well as languages that power some of the economy’s most important infrastructure. Debuting today on the company’s DockerHub repositories are low-to-no vulnerability base images backed by the largest catalog of open source libraries to enable customization. This allows ActiveState to service the widest base of customers across highly regulated industries such as software, financial services, utilities, healthcare, government, and transportation and enable these businesses to secure not only their new applications, but also those they have been managing and maintaining for decades.
Base images are updated nightly; when vulnerabilities are identified, ActiveState remediates the container images within 7 days for critical vulnerabilities. For companies requiring customization of their container images, ActiveState’s customer success team offers the fastest customization turnaround in the industry.
Cyber Technology Insights : Keeper Security Achieves SOC 3 Compliance, Reinforcing Transparency and Trust
Key benefits include:
- Instant and ongoing security: Pre-built container images eliminate vulnerabilities from the start. Nightly builds and rigorous vulnerability remediation SLAs keep companies safe and secure over time.
- Unmatched Customization: ActiveState’s history of securing open-source enables customers to access over 40 million secure components, including Python, Java, Perl, and Go, to meet their application needs, bridging the gap between secure base images and vulnerable application dependencies.
- Battle-Tested Build Automation: Customers inherit the benefits of a secure, automated SLSA-3 build system that the ActiveState team uses to perform image customization. This allows teams to offload the risky process of building and maintaining custom images while saving on engineering and overhead costs.
- Simplified compliance: Low-to-no vulnerability custom containers help teams achieve and maintain complex compliance requirements without lengthy audit cycles. Further image hardening and industry-leading SLA for CVE remediation helps companies meet strict requirements (e.g., FedRAMP, SOC 2 etc.).
“As organizations face increasing pressure to secure both modern applications and long-maintained legacy systems, demand is growing for container images that go beyond hardened base layers to include trusted, up-to-date application dependencies,” said Katie Norton, research manager for DevSecOps and Software Supply Chain Security at IDC. “ActiveState’s secure container offering addresses this need by combining customizable base images with a large catalog of pre-vetted open source components, helping organizations strengthen software supply chain security while reducing manual effort.”
Cyber Technology Insights : Microchip Upgrades TrustMANAGER to Meet CRA Compliance and Cybersecurity Rules
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: prnewswire