financetom
Technology
financetom
/
Technology
/
ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog
News World Market Environment Technology Personal Finance Politics Retail Business Economy Cryptocurrency Forex Stocks Market Commodities
ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog
Mar 11, 2026 4:33 AM

By consolidating 12+ language ecosystems into a single repository, the ActiveState Catalog enables DevSecOps teams to slash CVE exposure by up to 99% and reclaim 30% of engineering time

VANCOUVER, BC, Feb. 18, 2026 /PRNewswire/ -- ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, effectively doubling coverage from 2025 and expanding to more than 12 languages. This provides DevSecOps teams one stop for acquiring trusted open source components for their software development and CVE remediation efforts. ActiveState's catalog now covers the most popular languages used in enterprise software development, including Java, Javascript, Go, Python, and R, among others, and offers the widest breadth and depth of any open source catalog in the market today. This release moves beyond scanners and image‑only hardening to a governed, multi‑language catalog that standardizes how enterprises consume open source. Companies who want to learn more can visit activestate.com.

Open Source Offers Opportunities - and Risks

ActiveState has grown its secure catalog to 79M, doubling coverage from 2025 and expanding to more than 12 languages.

Open source software powers 96% of modern software applications, with most companies using 5 to 7 different open source languages in their development process. While beneficial for speeding software development, open source creates chaos and complexity within DevSecOps teams: Without a unified, secure source for open source, software development teams open their companies up to risk each time they download a new package from the open internet or grab a container image from a public repository. Maintainer integrity is unknown, update schedules are inconsistent, and bad actors exploit known vulnerabilities into zero-day threats. Not only does this threaten companies' security posture, it creates an endless body of work for developers to manage, maintain, and troubleshoot third-party code to keep it vulnerability-free: they are forced to track CVEs for the components, dependencies, shared libraries, and then update, migrate, and replace components to maintain safety and compliance. This drains as much as 30-50% of valuable time and resources from developers that could be otherwise spent on revenue-driving innovation. Furthermore, it jeopardizes companies' ability to meet compliance requirements, which can also cause a financial impact. The adoption of AI code generators only increases the volume and opacity of these risks. 

A New "Golden" Path Forward: the ActiveState Catalog

ActiveState's enterprise-grade, secure catalog enables companies to tame the complexity of open source in their DevSecOps operations. Unlike point solutions focused on a single language or container layer, the ActiveState Catalog is the only solution that unifies component-level coverage across the 12 most-used open source ecosystems - from source code through language libraries and images - into one catalog, standardizing how developers acquire and update open source across languages through a governed golden path. Container images are just one output of the catalog, not the control point itself, which ensures consistency across all entities that leverage open source within an organization. And unlike other solutions, ActiveState doesn't lock you into a proprietary format that leads to vendor lock-in. 

All components are continuously monitored and maintained by ActiveState, with an industry-leading 5 business day remediation SLA for critical CVEs, and built from source in a SLSA-3 hardened build environment. In 2025, ActiveState's OSS build factory completed nearly 1 million successful open source builds for more than 200 global clients. These builds incorporate not only the base component, but also the associated language cores, dependencies, and operating systems required by the customer, ensuring complete, secure open source across the stack. 

Organizations choosing the ActiveState Catalog, such as Altair, Cisco, Moody's, and Tesco, eliminate hours of developers hunting for and evaluating open source from multiple vendors, saving as much as 30% of their time, and improve their company's overall security posture by reducing CVEs by up to 99%.

"We use Python, and R in our software development efforts at Statistics Finland, and sourcing, managing, and maintaining those from different sources increased our operational burden and risk profile," said Juhani Kauppo, project manager, from Statistics Finland. "Partnering with ActiveState and sourcing our OSS from their library has allowed us to strip away that overhead and strengthen our security posture. That gives our developers more time to focus on innovation and brings peace of mind to our security team."

Delivering the World's Most Comprehensive Open Source Catalog

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded its open source coverage to include other popular languages, including:

JavascriptGoRustPHP.NetC, C+, C++C#This brings the catalog component count to 79 million and growing.

"Our customers are seeing the benefit of offloading the management and maintenance of open source to ActiveState," said Bob Shaker, CPTO, ActiveState. "Our built-from-source components, ongoing CVE management, and integration with package repositories gives companies all of the benefits of open source without the headaches or being trapped into only using containers; ActiveState can also deliver these in native file type or managed distributions. This truly revolutionizes how modern software is managed."

To learn more about ActiveState's catalog of secure, trusted open source software, please visit www.activestate.com or Contact Us.

About ActiveState

ActiveState enables DevSecOps teams to improve their security posture while simultaneously increasing productivity and innovation to deliver secure applications faster. The company provides a trusted catalog of more than 79 million secure open source components and container images that can be consumed via artifact repository, CI/CD, IDE, or directly from ActiveState. ActiveState continuously monitors and updates the open source components to help keep companies vulnerability free. Companies using ActiveState see a 60-99% reduction in CVEs, improving their security posture, and save as much as 30% of developer time, eliminating the engineering toil typically associated with using open source in commercial applications. Learn more at www.activestate.com.

View original content to download multimedia:https://www.prnewswire.com/news-releases/activestate-unifies-79m-components-to-launch-worlds-largest-secure-open-source-catalog-302688011.html

SOURCE ActiveState

Comments
Welcome to financetom comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
Related Articles >
AT&T says issue disrupting some calls between wireless carriers resolved
AT&T says issue disrupting some calls between wireless carriers resolved
Jun 4, 2024
(Reuters) - AT&T said late on Tuesday that an issue that had prevented making some calls to other wireless carriers had been resolved. Earlier, AT&T, Verizon and T-Mobile said they were all experiencing issues with some calls between carriers. The interoperability issue between carriers has been resolved. We collaborated with the other carrier to find a solution and appreciate our...
Soybean price approaches the first extended target – Forecast today - 05-06-2024
Soybean price approaches the first extended target – Forecast today - 05-06-2024
Jun 4, 2024
Soybean Price Analysis Expected Scenario Soybean price continued to decline to approach 1150.00$ level, noticing that the price begins today with bullish bias affected by stochastic positivity, waiting to get negative motive that assist to push the price to resume the expected bearish trend for the upcoming period, which its targets extend to reach 1131.40$. Therefore, our bearish overview will...
Corn price keeps its negative stability – Forecast today - 05-06-2024
Corn price keeps its negative stability – Forecast today - 05-06-2024
Jun 4, 2024
Corn Price Analysis Expected Scenario Corn price tested the key resistance 449.20$ and kept its stability below it, to keep the bearish trend scenario active, affected by the previously completed double top pattern, waiting to visit 433.50$ as a next main target. The EMA50 supports the expected bearish trend, reminding you that it is important to hold below 449.20$ to...
Three US wireless companies report connection problems between carriers
Three US wireless companies report connection problems between carriers
Jun 4, 2024
(Reuters) -AT&T, Verizon and T-Mobile said on Tuesday that some customers were having problems with calls made to other wireless carriers, prompting the Federal Communications Commission to investigate. The extent of the problem was not immediately clear, though all three carriers said they were not experiencing widespread outages. There is a nationwide issue that is affecting the ability of customers...
Copyright 2023-2026 - www.financetom.com All Rights Reserved