Cloudsmith

Belfast, N. Ireland
2016
  |  By Maia Livingstone
What a year it’s been at Cloudsmith. As we look back on 2024, it’s hard not to feel a sense of pride - and even a little awe - at how far we’ve come. From a scrappy startup to a trusted partner for some of the biggest names in the world, this year has been a turning point, both for our company and the people who make it special. In this video, our CEO, Glenn Weinstein, reflects on the highs, the challenges, and the moments that defined this year for us.
  |  By Maia Livingstone
Last month, Datadog announced an interesting and useful new feature they call the Supply-Chain Firewall (SCFW). It offers a real-time scanning approach that identifies vulnerabilities as developers pull packages from public registries like npmjs. It highlights the broader challenge organizations face when securing their software supply chain: managing risk consistently and efficiently at scale.
  |  By Maia Livingstone
Migrating from JFrog Artifactory to a new artifact management platform like Cloudsmith can feel like a daunting task. We promise, it’s actually easier and more straightforward than you think! Our experience with other customers has shown that even if you have a complex setup with hundreds of teams and lots of binary artifacts, you can make the move to Cloudsmith fairly quickly. We can help arm you with a clear plan and best practices, so the transition can be seamless.
  |  By Paul May
After a focused period of design and development, the new Cloudsmith web app is now available to all customers at app.cloudsmith.com. The new web app replaces the existing cloudsmith.io, which will be fully decommissioned in June 2025.
  |  By Maia Livingstone
In a rapidly evolving digital environment, organizations across various sectors—including technology firms, financial services, and manufacturing—rely on effective management of software artifacts to secure their software supply chains. The risk of supply chain attacks has intensified, revealing vulnerabilities at every stage of artifact management. Compliance breaches, data leaks, and unvetted code present serious threats, and Cloudsmith aimed to tackle these challenges head-on.
  |  By Maia Livingstone
As software complexity advances, understanding what’s happening across every part of your software supply chain becomes crucial. You need to see where artifacts are used, how secure they are, and whether they meet compliance standards. The ability to capture this is known as observability. Observability goes beyond data collection to provide essential insights that help teams understand, troubleshoot, and enhance complex systems.
  |  By Maia Livingstone
As containerized environments evolve, effective artifact management is crucial for any organization using Kubernetes or similar ecosystems. Cloudsmith’s container registry now fully complies with the Open Container Initiative (OCI) distribution specification, allowing customers to store, secure, and distribute images and artifacts with greater efficiency.
  |  By Maia Livingstone
For organizations, distributing software artifacts effectively is crucial to building strong developer relationships and delivering a seamless experience. Yet, managing and personalizing the distribution of software packages—like SDKs or container images—can be challenging. Cloudsmith, a leader in cloud-native artifact management, has introduced Broadcasts to address these needs.
  |  By Ian Duffy
Explore how to use OpenID Connect (OIDC) to enable Kubernetes to pull Docker images from Cloudsmith without relying on long-lived credentials. This approach significantly enhances security and simplifies credential management.
  |  By Ciara Carey
This guide will walk you through configuring GitHub Dependabot to authenticate with Cloudsmith using OIDC.
  |  By Cloudsmith
Join us for a special look back at an incredible 2024 with Cloudsmith CEO Glenn Weinstein. In this candid conversation, Glenn reflects on our journey from a growing startup to a trusted enterprise service provider.
  |  By Cloudsmith
During this pre-KubeCon online event, we will tackle the big questions that should be at the center of conversation at this year's event. If over 90% of software deployed is open-source, it's time for engineering leaders to make their IDP tooling bets. KubeCon is the opportunity to answer these big questions and share ideas. Don’t miss this opportunity to learn from the leading minds in software supply chain management about the most pressing questions in the industry today ahead of the only event that matters.
  |  By Cloudsmith
Discover how Diligent transformed its software delivery process with Cloudsmith’s universal package management platform. By centralizing security, automating workflows, and enhancing compliance, Diligent achieved significant efficiency gains and scalable operations. With real-time insights and reduced manual tasks, their teams can now focus on innovation.
  |  By Cloudsmith
The European Parliament (EP) adopted a provisional version of the final text of the EU Cyber Resilience Act (CRA) on March 12, 2024, with the final version expected to be signed and published in October. The EU's Cyber Resilience Act (CRA) proposes stringent cybersecurity requirements for digital products, aiming to bolster security against cyberattacks. While it promises safer hardware and software, it also raises questions for Open Source contributors and organizations.
  |  By Cloudsmith
In this session we will explore why prioritizing artifact management is essential in advancing to self-service IDPs and how adoption of Cloudsmith offers solutions to common challenges such as high infrastructure costs, managing security vulnerabilities, and maintaining productivity. Attendees will gain insights into best practices of implementing an artifact repository at the center of their CI/CD pipeline.
  |  By Cloudsmith
The second session of our three-part summer series will help you assess and enhance your DevOps team's capabilities in preparation for transitioning to platform engineering using Omdia’s DevOps Maturity Checklist as our guide.
  |  By Cloudsmith
As organizations continue to navigate the complexities of modern IT environments, the evolution from “DevOps” to “platform engineering” has emerged as a crucial next step in maximizing operational efficiency. By reimagining DevOps as platform engineering, organizations can create a more cohesive and streamlined approach to IT operations and development, breaking down the silos that often impede progress. In this webinar, the Cloudsmith team will explore Omdia’s latest Market Disruptors Report and discuss which critical success factors you need to consider before making the transition to platform engineering.
  |  By Cloudsmith
Optimized for distributed teams working at any scale, Cloudsmith is your single source of truth for software assets. Start your free trial today!
  |  By Cloudsmith
The Cloudsmith team is excited to announce our newly released support for Swift! Discover how Cloudsmith's new capabilities can revolutionize the way Swift developers manage dependencies.
  |  By Cloudsmith
Check out how to reduce the risk of data breaches by removing long-lived credentials from your CI/CD build pipelines using OpenID Connect (OIDC) authentication.

Cloudsmith, your friendly neighbourhood Package Management startup, is a fully managed 24/7 Software-as-a-Service (SaaS) for securely storing and sharing assets, packages and containers. We have distributed millions of packages for innovative companies around the world and specifically help with: development, for internal build pipelines and dependencies; deployment, for delivery pipelines to servers; and distribution, for sharing software to entitled users worldwide.

Our main office is in Belfast, UK, but our approach to software development and the Cloud allows people to contribute from all over the world.

Built for Engineers, by Engineers:

  • For Dev: Control the dependencies for your build/development pipelines. Share libraries privately with your teams, and develop your software securely.
  • For Ops: Deploy the artefacts for your delivery pipelines. Promote through delivery stages, and ignore unstable upstreams that will break you.
  • For Vendors: Distribute licensed software to customers, anywhere in the world. Define private access via entitlements, to ensure only entitled users get it.

The new standard in Package Management and Software Distribution.