DEVOPSdigest

ActiveState announced that it is now offering the ActiveState Artifact Repository free of charge in all tiers of the ActiveState Platform (including its popular Free Tier) for a limited time.

The ActiveState Artifact Repository was released in September 2022, to enable organizations to securely build Python open source dependencies directly from source code using ActiveState's secure build service. All built code is then stored directly in the organization's own private ActiveState Artifact Repository for distribution, creating a closed-loop environment that maximizes supply chain security.

The ActiveState Artifact Repository integrates with a host of other secure supply chain capabilities that are built right into the ActiveState Platform, including:

- Attestations for open source artifacts

- Software Bill of Materials (SBOM)

- Artifacts built from source using our secure build service

- Curated catalog of vetted artifacts

- Vulnerability remediation functionality

By making the ActiveState Artifact Repository free of charge for all tiers of service and coupling it with other essential open source security capabilities, ActiveState makes it easier than ever for organizations to place security at the heart of their open source supply chain.

In response to the increasing prevalence in supply chain attacks in recent years, cybersecurity agencies in the U.K. and U.S. have both recently issued guidance to help organizations deal with the growing threat. In September, the National Institute of Standards and Technology (NIST) issued sweeping guidance to help software organizations combat supply chain attacks. Similarly, in October, the U.K.'s National Cyber Security Centre (NCSC) issued similar guidance of its own to help organizations effectively assess and gain confidence in the cyber security of their supply chains. Such guidance is widely expected to become industry standard in the near future.

Using the comprehensive set of open source security tools that are incorporated in the ActiveState Platform, coupled with the ActiveState Artifact Repository, organizations of all sizes are able to better protect themselves and their customers from supply chain attacks.

Loreli Cadapan, VP, Product, ActiveState, said, "Supply chain attacks are becoming more prolific at the same time governments and security organizations are clamping down on the need to secure the software supply chain. We are offering the ActiveState Artifact Repository for free to our users to help them get ahead of these attacks and become security compliant. And at the end of the free period, users will still be able to access and utilize any ActiveState Artifact Repository instances they created."