Blog

Level Up Your Container Security Skills with ActiveState Academy

Jonny Rivera

September 23, 2025

Amongst software development and security professionals, the term “shift-left” has become near ubiquitous within the industry. Countless articles and methodologies now push for the movement of critical security measures earlier in the software development lifecycle. Teams are testing earlier and with technologies like secure containers, ensuring that security begins as early as defining your application dependencies.

Yet, one factor is often overlooked and present well before code enters an IDE. To shift left, teams must change not only their tooling but the way they think and approach software development. Shifting left is as much of a knowledge and cultural problem as it is a technology problem.

To help organizations bridge the gap, we’re excited to announce the public launch of ActiveState Academy and our new flagship Container Security Fundamentals course and certification. Previously a tool reserved for ActiveState customers and employees, ActiveState Academy opens our expert-developed training and certifications to any organization, team, or individual looking to upskill in critical open-source security best practices.

Even better, both ActiveState Academy and the Container Security Fundamentals certification are entirely free and accessible to teams everywhere.

Container Security From the Ground Up

Containers have become a core part of modern development, but when they’re not secured properly, the consequences can be far-reaching. To complement our recently launched ActiveState Secure Container offering, the Container Security Fundamentals certification provides teams with a methodology to rethink their approach to building and shipping software using containers.

This certification helps teams rethink how they build, ship, and manage containerized software. It introduces supply chain security concepts and provides practical steps for managing containers across environments.

After signing up, learners can explore content across three modules, including:

Software Supply Chain Security Fundamentals – Understand how risks emerge from vulnerable code, open-source libraries, and dependencies—even before containers are assembled.

Getting Started with Container Security – Reduce risk with secure base images, vulnerability scanning, and safe CI/CD practices.

Securely Manage Your Containers – Maintain security in production with SBOMs, regular updates, and long-term protection strategies.

By completing the course, learners will be able to identify container security risks, implement secure containers within their CI/CD pipelines, and apply best practices to maintain protection over time.

Participants also receive a Credly-issued digital badge they can showcase on LinkedIn or within their professional networks, making it easier to demonstrate validated expertise in container security.

More to Learn Inside ActiveState Academy

While container security is the starting point, ActiveState Academy also includes a variety of other materials ranging from software supply chain security to streamlining CI/CD pipelines. In addition to Container Security Fundamentals, additional courses are now open to the public, including: How to Remediate Open-Source Risk and Streamlining CI/CD with Secure Runtimes. These courses enable DevOps, InfoSec, and Development teams to improve their security posture while simultaneously increasing productivity and innovation to deliver secure applications faster.

We know that professional development often gets crowded out by day-to-day responsibilities. That’s why we’ve built the ActiveState Academy experience to be simple, flexible, and engaging. Registration takes only a minute, and once inside, earners can browse through available modules, review course details, and build a personalized learning path based on their own interests and career goals.

Whether you want to focus on container hardening, runtime security, CI/CD implementation, or broader open source security practices, ActiveState Academy makes it easy to find what matters most to you.

Get Certified Today

The Container Certification Fundamentals program is now open to learners everywhere. If you’re ready to strengthen your container security expertise, earn a credential you can share with your network, and build the confidence to secure your applications from development through deployment.
Start Your Container Certification today!

Frequently Asked Questions

What is ActiveState Academy and who is it for?

ActiveState Academy is a free training and certification platform at activestate.com/academy designed for developers, DevOps engineers, security practitioners, and anyone responsible for building or maintaining secure software. Previously available only to ActiveState customers and employees, the Academy is now open to any individual or team looking to build practical skills in container security, open source risk management, and secure CI/CD practices. Courses are self-paced and designed to fit around day-to-day responsibilities. Registration takes minutes, and all certifications are entirely free.

What does the Container Security Fundamentals certification cover?

The Container Security Fundamentals certification is structured around three modules. The first covers software supply chain security fundamentals: how risks emerge from vulnerable code, open source libraries, and dependencies before containers are even assembled. The second covers getting started with container security: reducing risk through secure base images, vulnerability scanning, and safe CI/CD practices. The third covers ongoing container management in production: using SBOMs, applying regular updates, and maintaining security posture over the full container lifecycle. Completing the course results in a Credly-issued digital badge that can be shared on LinkedIn and professional networks to demonstrate verified expertise.

Why is container security as much a knowledge problem as a tooling problem?

Most shift-left conversations focus on adding security earlier in the pipeline through new tools and automated gates. What gets less attention is that tool adoption without conceptual understanding produces teams who configure tools without knowing what they are guarding against. A developer who does not understand how a supply chain attack works, or why a bloated base image expands attack surface, will make tooling decisions that undercut the security controls they are trying to implement. Container Security Fundamentals is built on the premise that durable security practice requires both the right tooling and the right mental model. The course is designed to build that foundation so teams can apply security judgment at every decision point, not just at the gates where automated checks happen to run.