Application containers have become an essential building block in modern software development, helping teams move faster by removing the need to reinvent common infrastructure services. They not only streamline deployment but also reduce complexity by providing pre-built, reliable components that teams can trust to work out of the box. This shift allows developers to focus more of their time on writing the code that delivers unique value, while relying on pre-built containers to handle foundational services like web serving, caching, and more! In today’s cloud-native landscape, application containers are a necessity for scaling efficiently and securely.
Today, we’re happy to announce the first expansion of our container image library into application containers. These images are intended to be used right out of the box and make it easier for teams to deploy proven components alongside their own code in microservice-driven and Kubernetes environments.
Starting today, the latest versions of a variety of popular applications, including busybox, nginx and stunnel, are now available on ActiveState’s DockerHub page. Over the next several months we will continue to expand our catalog with a variety of other high-demand images.
Have one you’d like to see? Contact us!
What’s an Application Container?
Just weeks ago, we introduced our first development images to the ActiveState Secure Container catalog. With the introduction of application containers, we now have three distinct types of pre-built, low-to-no CVE container images.
Base Containers:
Our base images are minimal, production containers intended for packaging your application code and its required dependencies for deployment. These images include only what is required for your applications to run and deploy to your desired infrastructure. Because these images often require additional customization, we offer a managed service to fully customize, maintain and remediate these images on behalf of our customers.
Using our catalog of over 40 million secure open-source components, users of ActiveState Secure Containers can pull from popular packages and application libraries to ensure their image meets their runtime requirements. We currently provide several base container images for various programming languages and frameworks, including Python, Java (jre), Node.js, and more.
Development Containers:
A variation on our base images, development containers are lightweight, portable environments designed to standardize the developer experience. They bundle a secure, up-to-date toolchain for building and running applications. Our images stay slim while still retaining the standard libraries and build tools, giving you a reliable foundation for development.
Application Containers:
Application images are ready to use with no modifications and are designed to be used as drop-in replacements for popular databases, web servers, and other infrastructure services. Common examples often include applications such as Postgres and nginx.
We rebuild the latest upstream versions of these projects, ensure that latest patches have been applied and build them on top of our secure, distroless base to keep them secure and safe.
In fact, all ActiveState images are built upon this base enabling us to drastically reduce attack surface, and simplify ongoing maintenance. For a deeper technical dive into how we keep our images up-to-date and free from CVEs check out the blog – Keeping ActiveState Secure Containers Vulnerability Free.
The Power of Application Containers
One of the main advantages of using open-source in your development project is that it helps eliminate undifferentiated engineering work. For most businesses, the goal is to create new business value for customers, not reinvent the wheel.
Consider nginx, a go-to choice for many teams when it comes to handling web traffic. Instead of having developers spend countless cycles building this in-house, they can rely on a trusted application to do it for them. In the context of containers and microservices, pre-built application containers (like nginx) usually slot-in to provide critical infrastructure services alongside the novel code provided by developers.
For example, in a microservices environment, an nginx container is often deployed at the front of a service, handling tasks such as TLS terminations, routing, and load balancing.
For something like caching and high-speed data access, Valkey provides an in-memory database that can be dropped into a deployment as a pre-built container. Microservices can rely on this container for session storage or message brokering without developers needing to implement their own data layer.
Putting this all together into a hypothetical microservice:
Developers can use our Go-dev and Go images to write and deploy code that handles user authentication, while our nginx container can be deployed to handle all incoming traffic to that service. Orchestrators like Kubernetes help link them together into a cohesive system.
Application images provide trusted, battle-tested functionality for common infrastructure needs, enabling teams to build faster, operate more securely, and scale with confidence.
Why Security Still Matters
At the end of the day, application containers are still open source projects and ultimately code your team didn’t write. While they can accelerate development and eliminate undifferentiated engineering work, they also introduce risks if not properly secured. Popular container registries are full of application images that may be outdated, bloated with unnecessary dependencies, or carrying known vulnerabilities.
That’s why security for these images cannot be treated as an afterthought. Even when you’re relying on widely adopted, battle-tested applications for functionality, you’re still depending on external code that needs to be continuously patched and maintained. Without this vigilance, your containers can quickly become a liability, exposing your systems to exploits and forcing teams to spend valuable cycles firefighting vulnerabilities instead of building features.
By starting with minimal, hardened application containers built on a secure foundation, organizations can drastically reduce their attack surface while still benefiting from the flexibility and speed that open source makes possible. Hardened application containers provide not just agility, but also peace of mind.
Get Started
At the time of publishing images for Valkey, Maven, Kubectl, Busybox, nginx, and Stunnel are now available. Like all our container images, the latest versions are available to use and deploy free of charge.
For teams who require specific versions or custom configurations, our custom container service is here to help. Drop us a line today, and try your first custom image build for free!
