ActiveState

ActiveState Welcomes New CEO Stephen Baker to Lead the Future of Secure Open Source Integration

Retrieved on: 
Tuesday, January 16, 2024

VANCOUVER, BC, Jan. 16, 2024 /PRNewswire/ -- ActiveState is pleased to announce that Stephen Baker has joined as Chief Executive Officer of ActiveState to lead the vision and future of secure open source integration. Most recently the Director of Generative AI and Machine Learning at Amazon Web Services (AWS), Stephen was also previously a CEO of a number of successful technology companies in the Search, Developer Experience, and Artificial Intelligence spaces. Stephen's extensive knowledge and experience in commercializing Enterprise SaaS solutions that accelerate innovation, drive productivity and leverage open source technology made him an obvious choice. A 25-plus-year technology industry veteran, Stephen has a track record for building world-class organizations and bringing disruptive technology to market including MP3s, speech recognition, NFTs, and, most recently, Generative AI.

Key Points: 
  • VANCOUVER, BC, Jan. 16, 2024 /PRNewswire/ -- ActiveState is pleased to announce that Stephen Baker has joined as Chief Executive Officer of ActiveState to lead the vision and future of secure open source integration.
  • "ActiveState is so unique in that it makes both safety and innovation possible with secure open source integration, allowing developers to simply build with confidence.
  • I'm excited to work with this world-class team to build the industry's most-loved secure open source integration platform and realize our vision of making open source software easy and safe for enterprises."
  • ActiveState is building the future of secure open source integration with a platform that scales for development teams large and small as well as the most cutting-edge and heavily regulated industries.

Vertu Capital Acquires Secure Open Source Integration Platform Company, ActiveState

Retrieved on: 
Tuesday, November 7, 2023

TORONTO, Nov. 7, 2023 /PRNewswire/ - Vertu Capital, a private equity firm investing in global software and software-enabled technology companies, is pleased to announce its acquisition of ActiveState Software Inc. ("ActiveState"), a Vancouver-based company that supports enterprise software developers in the secure creation and management of applications that use open source programming languages.

Key Points: 
  • TORONTO, Nov. 7, 2023 /PRNewswire/ - Vertu Capital, a private equity firm investing in global software and software-enabled technology companies, is pleased to announce its acquisition of ActiveState Software Inc. ("ActiveState"), a Vancouver-based company that supports enterprise software developers in the secure creation and management of applications that use open source programming languages.
  • Widespread adoption of open source code has led to significant productivity improvements in software development but has also introduced complexity when it comes to securely managing the open source supply chain.
  • Some 97% of Fortune 1000 companies are turning to ActiveState and its secure open-source integration platform to boost developer productivity while seamlessly providing the necessary compliance with security requirements.
  • "We are thrilled to be partnering with ActiveState at such an exciting time in their growth journey," said Gil Nayot, Partner with Vertu Capital.

ACTIVESTATE ENABLES SECURE OPEN SOURCE INTEGRATION FOR DEVELOPERS AMID CHANGING US REGULATIONS

Retrieved on: 
Tuesday, June 27, 2023

VANCOUVER, BC, June 27, 2023 /PRNewswire/ -- In case you missed it, the US Government recently let their own direct consumers of open source off the hook for the first iteration of the Secure Software Development Attestation requirement that is a major part of Executive Order 14028.  Announced in May of 2021, Executive Order 14028 called for the provenance of software developed by and sold to the government to be proven and submitted, or to be listed on the producer's public website.

Key Points: 
  • With the increasing adoption of open source, lax supply chain security is now an existential threat to development.
  • With the increasing adoption of open source, lax supply chain security is now an existential threat to development.
  • "We built ActiveState to tackle the toughest unsolved problem that developers face when trying to securely integrate open source - scaled, repeatable and secure open source dependency management across multiple operating systems and language ecosystems," said Scott Robertson, CTO of ActiveState.
  • "Our product lets security teams jump from zero visibility to true open source observability while also helping developers escape dependency hell.

Alongside SLSA 1.0 Stable Release & EO 14028 Requirements, ActiveState Deploys Signed Attestations and SBOMs for Complete Provenance

Retrieved on: 
Wednesday, April 26, 2023

VANCOUVER, BC, April 26, 2023 /PRNewswire/ -- Today, ActiveState announced the availability of the security industry's most complete provenance solution for open source languages. ActiveState already provides secure open source dependencies for organizations that need to comply with software supply chain security requirements, such as those laid out in President Biden's Executive Order 14028 (EO 14028).  Those security-conscious organizations will now also benefit from ActiveState's software attestations, Software Bill Of Materials (SBOMs) and hardened build service – features that also deliver the highest level of Supply chain Levels for Software Artifacts (SLSA) Level 3 compliance out of the box.  ActiveState released these capabilities to support Developers, DevSecOps and Application Security teams as pressure continues to mount around the implementation of supply chain security and proactive protection of public and private code repositories. 

Key Points: 
  • VANCOUVER, BC, April 26, 2023 /PRNewswire/ -- Today, ActiveState announced the availability of the security industry's most complete provenance solution for open source languages.
  • ActiveState already provides secure open source dependencies for organizations that need to comply with software supply chain security requirements, such as those laid out in President Biden's Executive Order 14028 (EO 14028).
  • ActiveState provides the security industry's most complete provenance solution for open source languages like Python.
  • ActiveState has made automatically generated, machine-readable provenance simple and accessible via the ActiveState Platform.

OpenSSF Announces SLSA Version 1.0 Release

Retrieved on: 
Wednesday, April 19, 2023

SAN FRANCISCO, April 19, 2023 /PRNewswire/ -- The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts (SLSA, pronounced "salsa"). SLSA is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus. SLSA's framework is organized into a series of levels that describe increasing security rigor, designed to give confidence that software hasn't been tampered with and can be securely traced back to its source. SLSA is a supply chain security language that everyone can speak to help identify where software stands and how to mature their security posture.

Key Points: 
  • Framework for Improving Software Supply Chain Security Announces Stable Release, Helps Secure Builds Against Supply Chain Attacks
    SAN FRANCISCO, April 19, 2023 /PRNewswire/ -- The Open Source Security Foundation (OpenSSF) is proud to announce the release of version 1.0 of Supply-chain Levels for Software Artifacts ( SLSA , pronounced "salsa").
  • SLSA is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus.
  • "The OpenSSF is working hard to put more rigor into the software development process," said Brian Behlendorf, General Manager of the OpenSSF.
  • - Bruno Domingues, CTO - Worldwide Financial Services and Principal Engineer, Intel
    As a member of the SLSA steering committee, I am thrilled to see the release of SLSA 1.0.

ActiveState Strengthens Open Source Supply Chain Security by Offering its Market-Leading Artifact Repository at No Cost

Retrieved on: 
Wednesday, December 14, 2022

VANCOUVER, BC, Dec. 14, 2022 /PRNewswire/ -- Today, ActiveState announced that it is now offering the ActiveState Artifact Repository free of charge in all tiers of the ActiveState Platform (including its popular Free Tier) for a limited time. The ActiveState Artifact Repository was released in September 2022 as the first in the industry to enable organizations to securely build Python open source dependencies directly from source code using ActiveState's secure build service. All built code is then stored directly in the organization's own private ActiveState Artifact Repository for distribution, creating a closed-loop environment that maximizes supply chain security.

Key Points: 
  • All built code is then stored directly in the organization's own private ActiveState Artifact Repository for distribution, creating a closed-loop environment that maximizes supply chain security.
  • Since its launch, the ActiveState Artifact Repository has proven valuable to ActiveState customers and integrates with a host of other industry-leading secure supply chain capabilities that are built right into the ActiveState Platform, including:
    By making the ActiveState Artifact Repository free of charge for all tiers of service and coupling it with other essential open source security capabilities, ActiveState makes it easier than ever for organizations to place security at the heart of their open source supply chain.
  • Using the comprehensive set of open source security tools that are incorporated in the ActiveState Platform, coupled with the ActiveState Artifact Repository, organizations of all sizes are able to better protect themselves and their customers from supply chain attacks.
  • Enterprises choose ActiveState to support mission-critical systems and speed up software development while enhancing the security and integrity of their open source supply chain.

ActiveState Enables Software Vendors to Comply with White House Orders for Securing the Software Supply Chain

Retrieved on: 
Thursday, November 10, 2022

VANCOUVER, BC, Nov. 10, 2022 /PRNewswire/ -- Today, ActiveState announced the availability of open source software attestations, making it the first open source software platform to deliver this essential component of software supply chain security. The ability to obtain self-attestation for all third-party software, as well as producing a software bill of materials (SBOM), is part of sweeping guidance from the National Institute of Standards and Technology (NIST) that has been adopted by the White House. According to a recent White House order, all critical software that touches government data or systems in any way must be compliant with these new security standards no later than June 12, 2023. All software must adhere to these strict standards no later than September 14, 2023.

Key Points: 
  • VANCOUVER, BC, Nov. 10, 2022 /PRNewswire/ -- Today, ActiveState announced the availability of open source software attestations, making it the first open source software platform to deliver this essential component of software supply chain security.
  • ActiveState builds and fervently maintains a curated catalog of trusted artifacts that meets the requirements for Supply Chain Levels for Software Artifacts ( SLSA ) level 4, including software bill of materials (SBOM) and attestations, to proactively secure customers' software supply chains.
  • Click to tweet: ActiveState adds open source attestations, alongside its existing software bill of materials (SBOM) capabilities, to enable customers to comply with White House orders regarding software supply chain security.
  • Loreli Cadapan, Vice President, Product, ActiveState, said: "We believe the White House order signals a larger trend that will soon become industry standard.

ActiveState Unveils its Artifact Repository for Open Source Python Packages Built With its Secure Build Service

Retrieved on: 
Tuesday, September 20, 2022

VANCOUVER, BC, Sept. 20, 2022 /PRNewswire/ -- Today, ActiveState announced the availability of the ActiveState Artifact Repository, the first artifact repository in the industry to enable organizations to securely build Python dependencies directly from source code. Rather than developers importing prebuilt Python dependencies from a public repository like the Python Package Index (PyPI), or from some internal build process that may not be secured from supply chain attacks, all Python artifacts are created via ActiveState's secure build service and stored directly in their own private ActiveState Artifact Repository for distribution, creating a closed-loop environment that maximizes supply chain security. 

Key Points: 
  • VANCOUVER, BC, Sept. 20, 2022 /PRNewswire/ -- Today, ActiveState announced the availability of the ActiveState Artifact Repository, the first artifact repository in the industry to enable organizations to securely build Python dependencies directly from source code.
  • The ActiveState Artifact Repository is a private repository, customized for each customer, that will only contain Python packages that have been vetted by the organization's security team.
  • Click to tweet: The ActiveState Artifact Repository securely builds and seamlessly distributes Python dependencies in a private repository customized for each customer, for a closed-loop environment that maximizes supply chain security.
  • Try the ActiveState Platform secure build service by signing up for a free ActiveState account .

Platform Science Expands Leadership Team with Key Executive Appointments

Retrieved on: 
Thursday, August 18, 2022

SAN DIEGO, Aug. 18, 2022 /PRNewswire/ -- Platform Science, a leading connected vehicle platform that makes it easier for fleets to develop, deploy, and manage mobile devices and applications, today announced leadership additions to its executive management team. Greg Ivancich has joined the company as Chief Financial Officer and Gerald Choung as Chief Revenue Officer.

Key Points: 
  • SAN DIEGO, Aug. 18, 2022 /PRNewswire/ -- Platform Science, a leading connected vehicle platform that makes it easier for fleets to develop, deploy, and manage mobile devices and applications, today announced leadership additions to its executive management team.
  • "Greg and Gerald are proven leaders with track records of delivering results and I am proud to welcome them to the executive team," said Jack Kennedy, co-founder and CEO of Platform Science.
  • Ivancich joins Platform Science from Saban Capital Group, a private investment firm where he served as CFO.
  • Platform Science is transforming transportation technology by empowering enterprise fleets with a unified, user-friendly technology platform.

ActiveState Delivers Trust For The Open Source Supply Chain

Retrieved on: 
Thursday, June 23, 2022

VANCOUVER, BC, June 23, 2022 /PRNewswire/ -- Today, ActiveState announced the availability of their secure build service, a major component of the ActiveState Platform, which implements the greatest number of Supply Chain Levels for Software Artifacts (SLSA) Level 4 controls of any publicly available build platform. As defined by slsa.dev, SLSA is "a security framework, a check-list of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses or enterprises. It's how you get from safe enough to being as resilient as possible, at any link in the chain."

Key Points: 
  • The ActiveState Platform secure build service supports SLSA Levels 1-4 to mitigate software supply chain risk.
  • Click to tweet: The ActiveState Platform secure build service provides controls to meet SLSA Level 4 standards which decreases the cost and risk of working with open source dependencies.
  • The ActiveState Platform secure build service implements the controls to generate SLSA level 4 artifacts for open source components that:
    Provide auditability of the source and the integrity of the provenance, respectively
    ActiveState pairs these controls with its unique open source management capabilities to deliver comprehensive software supply chain security that includes:
    Automated, tamper-proof builds of open source language dependencies from source code, including native libraries
    A catalog of source code that is maintained in perpetuity, ensuring build reproducibility even if dependencies are deleted or corrupted in public repositories
    This means that DevOps now has a trusted vendor for open source supply chain management as an alternative to setting up their own supply chains, which are time-consuming and inherently insecure.
  • Enterprises choose ActiveState to support mission-critical systems and speed up software development while enhancing the security and integrity of their open source supply chain.