Operations | Monitoring | ITSM | DevOps | Cloud

Check out how to reduce the risk of data breaches by removing long-lived credentials from your CI/CD build pipelines using OpenID Connect (OIDC) authentication.

In our first instalment of DevOps Debriefs, join Cloudsmith and special guest Rob Godfrey, Senior Technical Architect at the Financial Times (FT) for a discussion on the crucial role of authentication and credential management in ensuring software pipeline security. We’ll discuss: Innovative strategies that empowered the Financial Times team to overcome software supply chain risks in their pipelines. How the team responded to the fallout of the CircleCI breach by using OIDC with CircleCI and Cloudsmith.

Optimized for distributed teams working at any scale, Cloudsmith is your single source of truth for software assets.

Open Source Software (OSS) presents boundless opportunities, and organizations face challenges in securely leveraging OSS Join Cloudsmith and Chainguard as we talk about the easy way to securely consume OSS. Discover S2C2F best practices for securely consuming OSS and understand how Cloudsmith's Cloud Native Artifact Management aligns with these standards. Learn about Chainguard zero CVE images drastically reduce vulnerabilities and image attack surface.

Worried about supply chain attacks and hidden vulnerabilities compromising your organization's software integrity? Join Alison Sickelka, VP Product, and Ciara Carey, Developer Relations, as they lead our webinar, 'Practical Workflows for Managing Vulnerabilities using Cloudsmith.' Discover how Cloudsmith serves as your organization's central source of truth for builds, mitigating risks, optimizing workflows, and ensuring global distribution.

Join us for a demo and Q&A on Cloudsmith's cloud native, global, universal artifact management platform! Learn how Cloudsmith can help you distribute software globally, secure your software supply chain, optimize your workflow and reduce infrastructure costs!

Listen to Rust expert Carol Nichols discuss how adopting a memory-safe language like Rust can significantly reduce vulnerabilities.

Cloudsmith Navigator helps engineers select the highest quality OSS packages for their projects. Navigator integrates and analyses data on NPM, PyPi, RubyGems and Maven packages, and assigns each one a score based on security, maintenance and documentation.

See how we've saved PagerDuty from pipeline disruption, support bottlenecks and more with first-class performance and service.

Today we are going to take a lookback on trends in the DevOps and supply chain security space in 2023 What kind of year has 2023 been for DevOps? Are people generating SBOMs? Were there any mad vulnerabilities? Are we all using AI in our workflows? We have 3 wonderful panellists: Glenn Weinstein Cloudsmith CEO Josh Bressers VP of Security at Anchore, Podcaster, Blogger Luca Lanziani Head of DevOps and Platform Engineering @NearForm and Blogger.