The most important number in your security program right now is not your CVE count.
It is how long your remediation sequence takes from "critical CVE identified" to "clean deployment in production."
Full read: buff.ly/EjYfOTB
#OpenSourceSecurity #CyberSecurity #AppSec
A 27-year-old flaw in OpenBSD. A 16-year-old vulnerability in FFmpeg that survived 5 million automated tests.
AI found both in the same project.
Full read: buff.ly/EjYfOTB
#ProjectGlasswing #OpenSourceSecurity #SoftwareSupplyChain
Project Glasswing found a 27-year-old zero-day in OpenBSD. Autonomously.
The finding problem just got solved. The remediation problem just got harder.
Industry average MTTR for a critical CVE: 60+ days. More CVEs, same infrastructure. Do the math.
buff.ly/SjD1r5R
#ProjectGlasswing #OSS
Securing the container was never the whole answer. The application dependencies inside it were always the risk.
In 2026, that gap has a name and a price tag.
buff.ly/v5ooi3Q
#OpenSourceSecurity #SoftwareSupplyChain #CyberSecurity
5 reasons your open source software strategy is a personal liability in 2026.
AI code volume broke the scan-and-pray model. Here's what's left exposed.
buff.ly/0QNitoA
#OpenSourceSecurity #SoftwareSupplyChain #CyberSecurity
AI pulls open source dependencies faster than humans can vet them. The perimeter was never the problem.
The ingredients were.
We broke down where application layer security actually stands in 2026.
substack.com/home/post/p-...
#OpenSourceSecurity #SoftwareSupplyChain #CyberSecurity
The axios attack highlights a gap that scanners alone can't bridge. When a hijacked credential pushes a RAT to a registry, the code has no provenance and no history. We need to pair our detection with immutable, built-from-source open source software to stay ahead.
Full story: buff.ly/xQYiHPx
Stop pulling unverified packages from the open internet and hoping for the best. 🕸️ 📉
Hope is not a security strategy. Discover how the world's largest secure OSS catalog is replacing the chaos of the public web with a rock solid DevSecOps pipeline. 🦾
Get the blueprint: buff.ly/rTt8FLD
#SupplyChain
Is your team losing 50% of its time to open source security toil?
Stop letting open source security debt kill your competitive edge. We just launched a library of 79 million secure components over 12+ language ecosystems to help you reclaim your engineering budget and ship faster.
96% of your code is open source. If your security strategy is just "hope and scan," you have a $1 trillion blind spot. 📉
We have unified 12+ language ecosystems into one secure golden path. 79 million components. Zero guesswork. High velocity. 🛡️🚀
buff.ly/x5DKAz6
#AppSec #OpenSource #TechTrends
Imagine a world where your security backlog actually hits zero. 🎯
It starts by changing how you source open source. Say goodbye to the chaos of the public web and hello to a secure build pipeline that scales with you. 🛡️🦾 buff.ly/koiT8gk
#AppSec #OpenSource #TechTrends
Stop treating security debt like a mandatory tax on development. 🛑
Pulling random packages from the open internet is a gamble you do not have to take. Learn how to build secure by design and leave the patching treadmill behind for good. 🏃♂️💨
The future of OSS is here: buff.ly/koiT8gk
#InfoSec #Coding
The secret to elite DevSecOps? Stop chasing vulnerabilities and start preventing them. 🎯
Learn how a secure OSS catalog transforms your workflow from reactive to revolutionary. 5 shifts you cannot afford to miss. 🚀
Dive in: buff.ly/rTt8FLD
#AppSec #OpenSource
Evaluating a curated OSS catalog in 2026? 🛡️ Do not just check for CVEs.
Software supply chains are now moving at machine scale and your open source security needs to keep up.
Get the full 2026 Evaluation Checklist here:
🔗 buff.ly/BDhalCI
#AppSec #DevSecOps #OpenSource
Exciting news! ActiveState welcomes industry veteran Abby Kearns as our new CEO.
With 25+yrs of experience (Foundry+Puppet), Abby is set to lead our next phase of growth in securing the global software supply chain.
Read more here: buff.ly/qVGUEXH
#OpenSource #InfoSec #TechNews
"It takes AI to beat AI... the trick is to keep humans in the loop."
@ActiveState's Bob Shaker joins @TechstrongTV to break down why the future of security is artful collaboration. Catch the full interview:
🔗 techstrong.tv/videos/lates...
Supply chain attacks have surged 300% since 2024. The old scan and fix model is officially broken. 📉
With Curated Catalogs:
✅ Eliminate 99% of CVEs
✅ Save 30 to 50% of developer time
Read more: buff.ly/fK2qkER
#DevSecOps #AppSec #CyberSecurity
The possibilities of tech are infinite when everyone has a seat at the terminal. Today, we’re proud to celebrate the brilliant women on our team and in the global dev community.
#IWD2026 #InternationalWomensDay #OpenSource #ActiveState
Are you ready for the EU CRA? 🛑
Don't wait for the deadline to scramble. We’ve put together a guide on the essential steps for compliance and expert advice for your teams.
Read more: buff.ly/7XqBYOu
#CyberResiliencyAct #InfoSec #AppSec #ActiveState
With 79M components, ActiveState now offers the world's largest secure open source library, giving DevSecOps teams one stop for trusted open source.
Full details here: buff.ly/5yEBlpS #OpenSource #DevSecOps #AppSec
We didn't just join the race; we set a new World Record. 🌎🏆
ActiveState has launched the world’s largest Secure Open Source library:
✅ 79M+ Secure Components
✅ 12+ Language Ecosystems
✅ 1st Place in Software Supply Chain Security
For More: buff.ly/5yEBlpS
#CyberSecurity #OSS
What would your team do with 30% more time? By consolidating 12+ language ecosystems into one repository, the ActiveState Catalog helps DevSecOps teams reclaim engineering hours.
See how: buff.ly/5yEBlpS #DeveloperProductivity #SoftwareEngineering
Big news! We’ve officially launched the world’s largest secure open source catalog, now featuring 79M unified components across 12+ language ecosystems. Stop searching and start building securely.
Read the full release: buff.ly/oJfLtzA #OpenSource #DevSecOps #AppSec
The data is in, and the findings might surprise you. 📊
ActiveState sat down with Alan Shimel on Techstrong TV to discuss how organizations are navigating the "new truths" of cybersecurity. 🔒
Watch now: buff.ly/r5Z0SYY
#CybersecurityTips #TechTalk #ActiveState #Techstrong #SecurityData
CVE volumes are skyrocketing, and manual remediation can't keep up. 🚀
ActiveState joins Techstrong TV to break down the State of Vulnerability Management 2026 report.
Is AI the secret weapon or the biggest threat? 🤖 🛡️
Watch now: buff.ly/r5Z0SYY
#InfoSec #Cybersecurity #CloudNative #AI
Hardened Images: 28. Unmanaged Risk: 0. The scoreboard says it all.
Eliminate the guesswork and manual overhead of securing your open source stack so your team can focus on the next big play.
Find your winning lineup and browse our catalog: buff.ly/3eNlqUv
#DevSecOps #ContainerSecurity
Starting with more pieces than your build actually needs? 🧱
ActiveState Secure Containers are built from source and ready for production, so teams can start with a build that includes only what matters.
Explore the public container image catalog: buff.ly/3opPwJt
#Containers #DevSecOps
Which of these 4 questions is keeping you up at night? 🌙
👇 Let us know which of these challenges is the most pressing for your team right now.
Looking for answers? Read the full article here
buff.ly/nJvXCLv
#OpenSource #AI #CyberSecurity #ActiveState #OSS2026
The wagers are in, and for many DevSecOps teams, the scores are looking a little lean. While containerization is the category of the year, the clues from 250 DevSecOps leaders show that many are still struggling to clear the board of CVEs and risk.
Download your copy: buff.ly/eFcdXw3
#ActiveState
This season, Activators took part in the Season of Giving Challenge, focused on supporting local food banks during the holiday season. The response was incredible.
Together, we raised over $5,800!
#GivingBack #CommunityImpact #SeasonOfGiving #ActiveState