ActiveState Launches Secure Container Image Catalog at KubeCon NA 2025

Online repository provides developers, DevOps, and security teams with free secure container images featuring popular open source languages and applications

VANCOUVER, BC, Nov. 12, 2025 /PRNewswire/ -- ActiveState, a leader in open source security, container security, and software supply chain management, today announced the launch of its Secure Container Image Catalog, a new web-based resource designed to help developers, DevOps, and security professionals easily browse, evaluate, and pull ActiveState's latest secure container images, without the need for third-party registries. Users can access the catalog by visiting catalog.activestate.com.

Meeting the Modern Software Supply Chain Challenge

The rapid adoption of containers in enterprise environments has fundamentally changed how software is built and deployed, but it has also introduced new security and compliance challenges. Engineering teams are often forced to choose between speed and security, using public base images that may introduce unknown vulnerabilities or compliance risks. Software and security teams spend countless hours triaging CVEs, maintaining patching roadmaps, and demonstrating compliance for audits. To combat this challenge, organizations turn to third-parties who can deliver packaged secure and compliant containers that keep development moving at speed.

ActiveState Secure Containers, launched in June 2025, addressed the demand for pre-packaged, trusted open source images. However, until now, users primarily relied on third-party registries to browse and evaluate these images, which limited visibility and control. ActiveState's new Secure Container Image Catalog closes this gap, offering a modern, user-friendly interface to access comprehensive image data, perform side-by-side comparisons with community images, and make confident decisions about container security, compliance, and functionality.

A Catalog Built for Technical Evaluation and Security

The ActiveState Secure Container Image Catalog gives users the power to:

• Browse and Pull Secure Images: Instantly access the latest base images for language runtimes, developer variants, and new application images—all curated, built, and continuously managed by ActiveState.
• Evaluate Key Security Metrics: Each image displays up-to-date CVE counts (with severity), VEX advisories, SBOMs, license information, and component lists—empowering security teams to assess fit at a glance.
• Compare Against Community Images: Users can view comparisons of ActiveState images versus popular community images on metrics like vulnerability count, update frequency, and image size.
• Demonstrate Compliance and Provenance: All images include detailed metadata, cryptographic verification, and regulatory artifacts to support compliance efforts and satisfy audit requirements.
• Request Customization and Legacy Versions: Need a custom build or an older variant? The catalog provides a direct path to request solutions tailored specifically to an organization's need.

"With this release, we're closing the gap between our secure container offering and the needs of technical evaluators and users in the enterprise," said Bob Shaker, CPTO of ActiveState. "Now, anyone can browse our catalog, evaluate images against critical metrics, and confidently pull or customize the secure containers they need—without leaving the ActiveState ecosystem."

Ready to see how secure containers can transform your DevSecOps workflow? Explore the ActiveState Secure Container Image Catalog now and experience direct access to the industry's most transparent and secure open source images. 

Certify Your Container Security Knowledge

Complementing this launch, ActiveState recently unveiled its Container Security Fundamentals Certification, a three-course certification that allows users to learn how to choose and implement secure containers, identify and remediate vulnerabilities, and generate and interpret SBOMs using modern container best practices. Sign up for ActiveState's Container Security Fundamentals Certification by visiting: https://www.activestate.com/academy/container-security-fundamentals/.

About ActiveState
ActiveState enables DevOps, InfoSec, and Development teams to improve their security posture while simultaneously increasing productivity and innovation to deliver secure applications faster.

We are the only solution in the market today that offers vulnerability-free open source language packages and containers and Intelligent Remediation, which identifies which vulnerabilities to prioritize, assesses the impact of updates causing breaking changes, prioritizes what to fix first, securely builds open source packages from source, and facilitates the build and deploy process to get fixes into production quickly and easily.

All from the trusted partner that pioneered and continues to lead enterprise adoption and use of open source software.

For more information, visit:
catalog.activestate.com

Learn more about Container Certification:
https://www.activestate.com/academy/container-security-fundamentals/

SOURCE ActiveState