Secure Your Software Supply Chain
Increase the security and integrity of your Python, Perl, and Tcl software supply chain.
Your open source supply chain is bigger than you think. In modern applications, 80% or more of the code typically comes from open source dependencies, but importing, building and consuming open source can expose you to undue risk across your software development lifecycle unless you’ve implemented strict security and integrity controls to your reduce software supply chain risks.
Want to see how good your existing security and integrity controls are?
Open Source Security
Secure the open source from which your software is built, with features like:
- A complete Bill of Materials (BoM) including transitive, shared and OS dependencies – you can’t secure what you don’t know.
- The ability to identify and remediate vulnerabilities faster.
As per the recent US Executive Order, these features will be NIST requirements for selling into government agencies by October 2022.
Supply Chain Integrity
Attest to the provenance (ie., the source) of all open source software with security measures like:
- Scripted, ephemeral, isolated and hermetic environments that ensure all components built from source code are verifiably reproducible (i.e., third-party software can be traced to the open source ecosystem from which it originated)
- Package signing (soon!) and checksums that help provide non-falsifiable provenance attestation.
Provenance ensures against the introduction of malware and malicious code that can introduce an attack vector or backdoor into your codebase. These kinds of development environment cyberattacks are quickly emerging as a key software supply chain attack since downstream customers deploying your patches, updates or upgrades all become vulnerable (such as happened with the SolarWinds hack).
Secure your supply chain from end to end. The ActiveState Platform is built to handle the unique needs of your organization, making it easy to secure and de-risk your use of Python, Perl, and Tcl.
Create secure Python, Perl and Tcl runtimes for your development, CI/CD and production environments that contain just the code needed to develop, test, and run your applications. Implement secure software development practices that align with DevSecOps initiatives, while shrinking application attack surfaces to improve cybersecurity.
Our catalog of open source software components is imported from open source community resources like PyPI, CPAN, GitHub and other public repositories. Indemnified components are vetted on import, and new versions regularly refreshed, enabling secure, timely vulnerability fixes to security vulnerabilities.
Every package is automatically built from source (including linked C libraries) from our set of known and tracked dependencies to make sure you’re getting the bits you expect (and not a compromised binary). The result is a much more secure software supply chain.
Reduce your security footprint by implementing a single solution (the ActiveState Platform) that provides tooling across the “import, build and consume” process for all languages, starting with Python, Perl and Tcl. Unlike individual package managers for each language, the ActiveState Platform provides a single, universal package management solution.
CVE (Common Vulnerabilities and Exposures) Remediation
Find, fix and automatically rebuild vulnerable Python, Perl and Tcl environments with secure components from the ActiveState Platform catalog, reducing Mean Time To Resolution (MTTR). Automate remediation.
Get an email whenever a Python or Perl dependency in your custom distributions are found to have a vulnerability, speeding time to remediation. Coming Soon.
97% Of Fortune 1000 Companies Rely On ActiveState To Save Time, Reduce Risk And Get To Market Faster.
Additional features our enterprise customers benefit from:
Managed CVE Scanning
We run security scans on your Python, Perl, and Tcl language environments, vetting them, notifying you of vulnerabilities, and providing you an email-able report. Best of all, you can then point-and-click to resolve vulnerabilities, and we’ll automatically rebuild your secure custom language distribution, ready to be deployed.
Still running Python 2 or older versions of Perl for your legacy applications? We offer the maintenance and support you need to resolve security issues, meet compliance requirements, and deliver on your customer obligations. Get support for all the core libraries and 3rd-party packages in your application and backported fixes from Python 3.
Managed & Maintained Builds
ActiveState provides timely updates to our ActivePython, ActivePerl and ActiveTcl distributions, as well as all the language versions available on the ActiveState Platform. We can also manage and provide validation for the Perl, Python and Tcl distributions you use in your organization on your behalf.