ActiveState releases 2026 vulnerability report

ActiveState released the 2026 State of Vulnerability Management and Remediation Report, Container Security Edition, which identified a mismatch between organizations stated strategies and their operational practices.

The report surveyed 250 DevSecOps leaders across North America and found that 100% of respondents said containerization was critical to their production strategy, 82% likely experienced at least one container-related security breach in the previous 12 months, and 78% likely failed a compliance audit due to Common Vulnerabilities and Exposures (CVE) present in their container images.

The report described a trust vs. practice gap: 77% of DevSecOps leaders trusted curated catalogs more than public registries, yet 90% still used lightly modified public images with little to no hardening, leaving unmonitored and outdated base images as a primary vector for supply chain attacks and compliance violations.

The survey collected responses from North American DevSecOps leaders and the report included data on container security trends, the impact of Artificial Intelligence (AI) on remediation, and strategies for closing the compliance gap.

“The findings in our 2026 report serve as a stark wake-up call for enterprises relying on open source software and containers to drive their innovation,” said Stephen Baker, CEO of ActiveState.

The full report was available on ActiveStates website and provided complete data on container security trends, the impact of AI on remediation, and approaches for closing the compliance gap.

Dell’Oro Group reports application security and delivery grew 15% in 2025

Mimecast releases State of Human Risk Report

Infosys deepens collaboration with Intel to scale enterprise AI