ActiveState at RSAC 2026: Securing the Open Source Foundation Before the First Line of Code
Software development teams are writing more code faster than at any point in history, and that acceleration is creating a security problem hiding in plain sight. Every time a developer invokes an AI coding assistant — Claude Code, GitHub Copilot, Cursor, or any of the growing constellation of LLM-powered tools — that assistant reaches into the open source ecosystem and pulls in packages, dependencies, and binaries that development teams often accept without meaningful scrutiny. The pipeline moves fast, yet the threat surface grows faster. ActiveState, a company with thirty years of open source package management heritage, arrived at RSAC 2026 arguing that the industry has been solving this problem at the wrong layer — and that the moment to fix it has arrived.
The Challenge: AI Acceleration Meets Open Source Risk
The open source software supply chain has been a known attack surface for years, but AI-assisted development has compressed the risk timeline and expanded the blast radius simultaneously. Malicious packages appearing in npm repositories, poisoned PyPI uploads, and fake GitHub repositories seeded with malware are no longer edge cases. When a developer writes their own code and consciously selects a dependency, there is at least a moment of intent. When an AI agent selects and installs that dependency autonomously, that moment disappears entirely.
According to ActiveState, 96% of all applications contain open source components, and development teams face enormous dependency graphs that no individual developer can audit in real time. Security teams can mandate policies, but the friction between security mandates and developer workflow remains one of the most persistent failure modes in AppSec: developers perceive the security layer as an obstruction rather than a foundation, and the friction produces workarounds.
What ActiveState Delivers
ActiveState’s answer to this problem operates at the source rather than the surface. Rather than scanning code after developers write it or analyzing containers after they’re built, ActiveState pulls upstream packages, validates them against known CVE databases and its own scanning process, and then rebuilds those packages in a hermetically sealed environment — fully disconnected from the internet — before making them available through a curated catalog. The approach produces binaries that engineering teams can consume through their existing toolchains with no workflow modification required. A developer running pip install draws from the ActiveState catalog exactly as they would from the open internet, but every component that arrives has passed through a documented, auditable, security-validated build process.
At RSAC 2026, ActiveState positioned this curated catalog as the centerpiece of a broader secure open source supply chain strategy. The company maintains a five-day SLA for critical CVE remediation, monitors packages continuously, and operates its build environment to SLSA Level 3 hardened standards — a critical compliance and audit signal for enterprise security teams operating under regulatory scrutiny. Pricing follows a per-developer, per-language model on an annual SaaS basis, giving platform teams a predictable cost structure tied directly to adoption.
Critically, the catalog also addresses the AI agent use case directly: development teams can configure their AI coding assistants to draw from the ActiveState catalog rather than the open internet, substituting a verified, curated source for an uncontrolled one.
Why This Matters
The software supply chain security market has concentrated heavily on scanning what developers have already built. ActiveState takes the opposite posture: secure the raw material before the developer ever touches it and eliminate the security decision from the developer’s cognitive load entirely.
For AppDev and DevSecOps teams watching AI coding agents accelerate the volume and velocity of open source consumption, that architectural choice is worth serious consideration. The catalog launch arrives precisely as AI-assisted development reshapes the threat surface — and for organizations that need an auditable, systematic process for validating open source components before they reach production, ActiveState’s timing may be as important as its technology.