ActiveState

ActiveState Software Inc.

Company type	Private
Industry	Computer software
Founded	1997
Headquarters	Vancouver, British Columbia , Canada
Area served	Global
Key people	Stephen Baker (CEO)
Products	ActiveState Platform, ActivePerl, ActivePython, ActiveTcl, Komodo IDE
Number of employees	>60
Website	activestate.com

ActiveState Software Inc. is a Canadian software company that develops and supports tools for managing open source software in enterprise environments. The company provides solutions for automated vulnerability management, container security, and software supply chain security. ActiveState delivers secure containers and language runtimes that development teams can incorporate into their software development lifecycle (SDLC), and its platform is designed to help DevSecOps teams automatically identify, prioritize, and remediate vulnerabilities in open source components, and to manage dependencies across programming languages.

As of 2025, ActiveState reports serving approximately 94,000 monthly active users and supporting more than 40 million open source libraries. The company states that its platform is compliant with the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF). ^[1]

ActiveState is privately held and jointly owned by its employees and Vertu Capital, a Canadian private equity firm. ^{[2] [3]}

History

ActiveState Software Inc. was founded in 1997 in Vancouver, British Columbia, Canada, by Dick Hardt, David Ascher, and others, with the goal of adapting open source programming languages for commercial use. The company became known for commercial distributions of languages such as Perl, Python, and Tcl for Windows and enterprise platforms. ^[4]

In 2003, the company was acquired by British security software firm Sophos, a UK-based security software company, and operated as a wholly owned subsidiary. ^[5] In January 2006, ActiveState was purchased by Pender Financial Group, a Canadian investment company. ^[6]

In early 2021, ActiveState received a strategic investment from Turn/River Capital, a San Francisco-based private equity firm. ^[7] On November 7, 2023, the company was acquired by Vertu Capital, a Canadian private equity firm, and became jointly owned by Vertu Capital and ActiveState employees. ^[8]

Subsidiaries

• Phenona: In June 2011, ActiveState Software Inc. announced the acquisition of Phenona. ^{[9] [10]}
• Appsecute Limited: In June 2013, ActiveState Software Inc. announced the acquisition of Appsecute. ^[11] The acquisition would become ActiveState's strategy to pair Appsecute with Stackato. ^[12]

Products

ActiveState platform overview

The ActiveState Platform is a cloud-based platform for building, managing, and securing open source software components across multiple programming languages. It automates the process of compiling packages from source code, implements the Supply Chain Levels for Software Artifacts (SLSA) security framework, and provides tools for vulnerability detection, risk prioritization, and remediation. ^[13]

The platform is delivered as a managed service in which ActiveState oversees the building, updating, and maintenance of open source components on behalf of its users. It can generate secure container images, manage dependencies, and create software bills of materials (SBOMs) in SPDX and CycloneDX formats. The managed model is intended to reduce the operational burden on development teams by handling security patching, compliance requirements, and dependency updates centrally.

According to the company, the platform supports over 40 million open source components and is used by approximately 94,000 monthly active users. ^[14]

Secure containers

In 2024, ActiveState introduced Secure Containers, a set of prebuilt, zero–known-vulnerability container images for popular programming languages. The images are rebuilt nightly with signed SBOMs and attestations, and critical security vulnerabilities are remediated within seven days. ^[15]

Secure Containers are distributed through Docker Hub ^[16] and are available for languages including are available for languages including Python, Java, Node.js, Go, .NET Core, Rust, Perl, PHP, and for common utilities such as curl, wget, and bash. A static base image is also available. Customers can request customization of a non-production container for evaluation purposes. ^[17]

State tool

The State Tool is a command-line utility included with the ActiveState Platform. It allows users to manage programming language runtimes and dependencies, create and share reproducible development environments, and integrate ActiveState's services into automated build and deployment workflows. ^[18]

The tool is also used for managing Python projects and environments, including creating isolated development setups and handling package installation from source. ^[19]

Language distributions

ActiveState continues to offer commercial distributions of programming languages, which are integrated into the ActiveState Platform. These include:

• Python distribution for multiple operating systems. ^[20]
• Perl distribution for Windows, macOS, and Linux. ^[21]
• Tcl distribution for enterprise environments. ^[22]
• Ruby distribution for cross-platform development. ^[23]
• Go distribution for building cloud-native and system-level applications. ^[24]
• Java distribution for general-purpose and enterprise development. ^[25]
• R distribution for statistical computing and data analysis. ^[26]

These distributions were among the company's first products and remain part of its core offerings.

Former products

ActiveState has developed several products that have since been discontinued or transferred:

• Komodo IDE and Komodo Edit: Source code editors for dynamic and web languages. In 2021, ActiveState released Komodo IDE as open source software. ^[27]
• Stackato: A platform-as-a-service (PaaS) product based on Cloud Foundry. Hewlett Packard acquired Stackato in 2015. ^[28]
• Perl Dev Kit (PDK) ^[29] and Tcl Dev Kit (TDK): ^[30] Toolkits for application development in Perl and Tcl, respectively, which have been discontinued.

Enterprise CI/CD

ActiveState confirmed that its Enterprise CI / CD Survey is available for participation by 2020. Based on how businesses commonly utilize CI / CD and how they address software runtime and create issues, the study is part of ActiveState's ongoing initiatives to promote the development of open-source technology. ^[31]

Media presence and industry engagement

ActiveState regularly participates in industry media, webinars, and podcasts focused on topics such as software supply chain security, automated vulnerability management, and DevSecOps practices. The company has collaborated with technology media platforms including TechStrong TV, where executives and technical staff have discussed subjects ranging from balancing security with development speed to addressing technical debt. ^[32]

Notable appearances include:

• From Vulnerable to Unbreakable: Container Security for Open Source Simplified — A webinar exploring the advantages and risks of using open source in containers. ^[33]
• Streamlined Open Source: Innovation Without Bottlenecks — a microwebinar series about how ActiveState helps DevSecOps teams eliminate the complexities of managing open source ^[34]

ActiveState also publishes content on its own channels, including blogs, videos, and white papers, and has partnered with distributors such as Carahsoft ^[35] and Aquion ^[36] to deliver its solutions to government agencies and independent software vendors.

Awards and recognition

In 2025, ActiveState was recognized by ComponentSource in its annual awards as a "Top Global Innovator" and a bestselling publisher. ^[37] The company had previously been named a "Top 25 Publisher" by ComponentSource in 2021. ^[38]

ActiveState executives have also received individual recognition. In 2024, Chief Executive Officer Stephen Baker was named among the "Top 50 Software CEOs" by The Software Report. ^[39] In the same year, Chief Marketing Officer Allyson Barr was included in the publication's list of "Top 50 Women Leaders in Software." ^[40]

References

1. "We Are ActiveState" . Retrieved October 15, 2025.
2. "Private equity firm Vertu Capital acquires developer platform ActiveState" . Retrieved November 7, 2023.
3. "ActiveState Software, a Portfolio Company of Turn/River Capital, Acquired by Vertu Capital" . Retrieved November 15, 2023.
4. "About ActiveState". October 10, 2025. Retrieved October 15, 2025.
5. "Sophos acquires ActiveState". September 24, 2003. Retrieved October 15, 2025.
6. "Pender Financial acquires ActiveState assets of Sophos for US$2.25 million". January 2006. Retrieved October 15, 2025.
7. "ActiveState Raises Strategic Investment To Accelerate Its Vision For Modern Security-First Software Development". January 29, 2021. Retrieved October 15, 2025.
8. "Private equity firm Vertu Capital acquires developer platform ActiveState". November 7, 2023. Retrieved October 15, 2025.
9. "ActiveState Acquires Perl Cloud Company, Phenona, to Accelerate Cloud Strategy". June 14, 2011. Retrieved December 6, 2018.
10. Clarke, Gavin (June 14, 2011). "Teen sells Perl cloud startup to ActiveState". The Register . Retrieved December 6, 2018.
11. "ActiveState Acquires Appsecute: Private-PaaS Leader Purchases Social DevOps Solutions Provider". June 4, 2013. Retrieved December 6, 2018.
12. Copeland, Bart (June 5, 2013). "Going Social: Why ActiveState Acquired Appsecute" . Retrieved December 6, 2018.
13. "Your All-in-One Vulnerability Management Platform". September 22, 2025. Retrieved October 15, 2025.
14. "About ActiveState". October 10, 2025. Retrieved October 15, 2025.
15. "Introducing ActiveState's Secure, Custom Container Images". June 24, 2025. Retrieved October 15, 2025.
16. "ActiveState Expands Secure Open Source Offering for Enterprises with Vulnerability-free Container Images". June 24, 2025. Retrieved October 15, 2025.
17. "The Container Drumbeat: Rust and .NET Images are Now Available". June 29, 2025. Retrieved October 15, 2025.
18. "ActiveState CLI (State Tool)" . Retrieved October 15, 2025.
19. "ActiveState CLI (State Tool)" . Retrieved October 15, 2025.
20. "ActiveState Python". June 25, 2025. Retrieved October 15, 2025.
21. "ActiveState Perl". June 25, 2025. Retrieved October 15, 2025.
22. "ActiveState Tcl". March 20, 2025. Retrieved October 15, 2025.
23. "ActiveState Ruby". March 24, 2025. Retrieved October 15, 2025.
24. "ActiveState Go". June 25, 2025. Retrieved October 15, 2025.
25. "ActiveState Java". June 25, 2025. Retrieved October 15, 2025.
26. "ActiveState R". June 25, 2025. Retrieved October 15, 2025.
27. "KomodoEdit" . Retrieved October 15, 2025.
28. "Hewlett Packard Acquires ActiveState's Stackato Business". September 2, 2015. Retrieved October 15, 2025.
29. "Perl Dev Kit (PDK) is Now End of Life". February 20, 2020. Retrieved October 15, 2025.
30. "Tcl Dev Kit (TDK) Now End of Life". February 20, 2020. Retrieved October 15, 2025.
31. "ActiveState Launches Enterprise CI/CD Survey 2020". yahoo! finance. May 29, 2020. Archived from the original on June 16, 2020. Retrieved June 16, 2020.
32. "The ActiveState Podcast" . Retrieved October 15, 2025.
33. "From Vulnerable to Unbreakable: Container Security for Open Source Simplified". June 26, 2025. Retrieved October 15, 2025.
34. "SD Times Live! Microwebinar Series — with ActiveState" . Retrieved October 15, 2025.
35. "ActiveState and Carahsoft Partner to Bring Secure Open Source Management Platform to Public Sector". June 23, 2025. Retrieved October 15, 2025.
36. "ActiveState Partners with Aquion to Deliver Comprehensive Open Source Supply Chain Security to the Australian Market". March 10, 2025. Retrieved October 15, 2025.
37. "ActiveState Recognized Among Top Global Innovators in ComponentSource 2025 Awards". June 5, 2025. Retrieved October 15, 2025.
38. "ComponentSource Announces 2021 Award Winners". May 30, 2021. Retrieved October 15, 2025.
39. "The Top 50 Software CEOs of 2024". January 7, 2025. Retrieved October 15, 2025.
40. "The Top 50 Women Leaders in Software of 2024". February 5, 2025. Retrieved October 15, 2025.

External links

• ActiveState Company site
• ActiveState Community site
• ActiveState Documents site