Perl Zero Day Security Threats
ActiveState has backported the zero day vulnerability patch & introduced EOL extended support for ongoing security fixes. Learn more.
Increase the security and integrity of your Python, Perl, Ruby and Tcl software supply chain.
Your open source supply chain is bigger than you think. In modern applications, 80% or more of the code typically comes from open source dependencies, but importing, building and consuming open source can expose you to undue risk across your software development lifecycle unless you’ve implemented strict security and integrity controls to reduce your software supply chain risks.
Want to see how the ActiveState Platform can improve your existing security and integrity controls?
Secure the open source dependencies from which your software is built, with security practices like:
As per the recent US Executive Order issued by the White House, these features will be National Institute of Standards and Technology (NIST) requirements for providers selling into government agencies by October 2022.
Ensure the provenance (i.e., the source) of all open source software with security measures like:
Provenance helps ensure against the introduction of malware and malicious code during the build workflow that can introduce an attack vector or backdoor into your codebase or web application. These kinds of development environment cyberattacks are quickly emerging as key software supply chain attack vectors since downstream customers deploying your patches, updates or upgrades all become vulnerable (such as happened with the SolarWinds Orion hack).
Implement software supply chain security from end to end. The ActiveState Platform is built to handle the unique needs of your organization, making it easy to secure and de-risk your use of Python, Perl, Ruby and Tcl.
Create secure Python, Perl, Ruby and Tcl open source project runtimes for your development, CI/CD pipeline and production environments that contain just the dependencies needed to develop, test, and run your applications. Implement secure software development practices that align with DevSecOps initiatives, including setting permissions for sharing your runtime with internal and third-party stakeholders, while shrinking application attack surfaces to improve cybersecurity.
Our catalog of open source software components is imported from open source community resources like PyPI, CPAN, GitHub and other public repositories. Indemnified components are vetted on import, and new versions regularly refreshed, enabling secure, timely fixes to vulnerabilities while reducing the need for code reviews by security teams.
Every package is automatically built from source (including linked C libraries) from our set of known and tracked dependencies to make sure you’re getting the bits you expect (and not a compromised binary such as log4j). The result is a much more secure software supply chain.
Reduce your security footprint by implementing a single solution (the ActiveState Platform) that provides SaaS analysis tools, APIs and developer tools across the “import, build and consume” process for all languages, starting with Python, Perl, Ruby and Tcl. Unlike the typical DevOps approach of using one package manager per language, the ActiveState Platform provides a single, universal package management solution, dramatically decreasing maintenance and training overhead.
Find, fix and automatically rebuild vulnerable Python, Perl, Ruby and Tcl environments with secure components from the ActiveState Platform catalog, reducing Mean Time To Resolution (MTTR). Automate remediation.
Get email assessments whenever a Python, Ruby or Perl dependency in your custom distributions is found to have a vulnerability, speeding time to remediation.
We run security scans on your Python, Perl, Ruby and Tcl language environments, vetting them, notifying you of vulnerabilities and supply chain threats, and providing you with an email-able report. Best of all, you can then point-and-click to resolve vulnerabilities, and we’ll automatically rebuild your secure custom language distribution, ready to be deployed.
Still running Python 2 or older versions of Perl for your legacy applications? We offer the maintenance and support you need to resolve security issues, meet compliance requirements, and deliver on your customer obligations. Get support for all the core libraries and 3rd-party packages in your application and backported fixes from Python 3.
ActiveState provides timely updates to our ActiveState Python, ActiveState Perl, ActiveState Ruby and ActiveTcl distributions. We can also manage and provide validation for the Perl, Python, Ruby and Tcl runtime environments you create on the ActiveState Platform on your behalf, freeing up your developers to focus on what they do best: coding.