ActiveState Unveils New Secure Container Image Catalog at KubeCon NA 2025
ActiveState Unveils New Secure Container Image Catalog at KubeCon NA 2025
ActiveState, renowned for its role in open source security, revealed the launch of its Secure Container Image Catalog at KubeCon NA 2025. This new resource aims to streamline developers, DevOps, and security teams’ access to secure container images tailored for popular open source programming languages and applications. The catalog can be accessed online at catalog.activestate.com.
Meeting the Demands of Modern Software Development
The shift towards containerization in software development has revolutionized production methodologies. However, it has also introduced various security threats and compliance issues. Engineering teams often face the challenging decision of prioritizing speed of deployment or the security of the software they produce. Frequently, teams resort to using public base images that may contain unfixed vulnerabilities or compliance issues, thus exposing organizations to potential risks. To navigate these complexities, many organizations look to third-party solutions that offer secured containers to maintain robust security without sacrificing development speed.
In June 2025, ActiveState took a significant step to address this by launching its line of Secure Containers. Although these secure images were initially available through third-party registries, this reliance limited user oversight and control over the images deployed. With the new Secure Container Image Catalog, ActiveState provides an intuitive, modern interface for users to access detailed data on each image, enabling informed choices regarding security and compliance.
The Features of the Secure Container Image Catalog
The catalog’s design allows users to:
- - Browse and Pull Secure Images: Users can seamlessly access the latest base images, application variants, and language runtimes, all curated and continuously managed by ActiveState.
- - Evaluate Key Security Metrics: Each image lists critical security data, including up-to-date CVE (Common Vulnerabilities and Exposures) counts, VEX advisories, Software Bill of Materials (SBOMs), licenses, and component details. This information allows security teams to quickly assess the suitability of images.
- - Compare with Community Images: The catalog enables easy comparisons of ActiveState’s images against popular community options, presenting important metrics such as vulnerability counts, update frequencies, and image sizes.
- - Certify Compliance and Metadata Provenance: Each image comes embedded not just with detailed metadata but also with cryptographic verification and regulatory artifacts essential for satisfying compliance standards and audit trails.
- - Request Custom Builds or Legacy Versions: Should users need specific versions or tailored containers, the catalog facilitates direct requests tailored to particular organizational needs, ensuring organizations can meet their unique requirements.
Bob Shaker, Chief Product and Technology Officer at ActiveState, emphasized the importance of this launch, stating, "With this release, we're closing the gap between our secure container offering and the needs of technical evaluators and users in the enterprise. Now, anyone can browse our catalog, evaluate images against critical metrics, and confidently pull or customize the secure containers they need—without leaving the ActiveState ecosystem."
Enhancing DevSecOps with Certification
To complement this catalog of secure containers, ActiveState has additionally rolled out its Container Security Fundamentals Certification. This comprehensive three-course program teaches essential skills, including how to select and implement secure containers, recognize and address vulnerabilities, and create and interpret SBOMs using modern best practices within containerization. Those interested can enroll in the program at their dedicated educational platform, accessible through ActiveState’s website.
ActiveState remains a pivotal player in enhancing the security framework of DevOps, InfoSec, and development teams, aiming not only to improve security practices but also to foster productivity and innovation in delivering secure applications swiftly. As a leader in offering vulnerability-free open source language packages, their advancements in container security position them as a trusted ally in the ever-evolving landscape of software development.
For further details on accessing the Secure Container Image Catalog, visit catalog.activestate.com, and to know more about the certification offerings, check out ActiveState Academy.
Topics Business Technology)
【About Using Articles】
You can freely use the title and article content by linking to the page where the article is posted.
※ Images cannot be used.
【About Links】
Links are free to use.