How Curated Catalogs Govern Open Source at the Point of Ingestion
April 9, 2026
98% of applications include open source software. The question isn't whether your team is using it, but whether you know what's in it, where it came from, and whether it's been verified before it reached your environment. (Source: 2026 Open Source Security and Risk Analysis Report, BlackDuck)
This walkthrough shows how ActiveState Curated Catalogs give security and engineering teams a governed, policy-controlled source for open source software, drawn from a library of 79 million built-from-source components. When AI coding assistants are pulling dependencies at machine speed, the only governance model that keeps pace is one that's enforced at the point of consumption, not discovered by a scanner after the fact.
What you'll see in this video:
- How components are surfaced and browsed inside a Curated Catalog
- CVE and dependency visibility at the component level, including transitive dependencies
- Version comparison to support upgrade planning before components reach your environment
- SBOM access for compliance documentation and regulatory readiness
.webp)
.jpeg)
.jpeg)