Operations | Monitoring | ITSM | DevOps | Cloud

EU law is changing for hardware and software makers. Here's your 2-minute summary of the Cyber Resilience Act.

This week, the European Union (EU) reached an agreement on the EU Cyber Resilience Act (CRA). See if your product must comply, how to comply and what is exempt.

It's a lot easier to get + stay CRA compliant when you have robust SSCS across your pipeline. See how using Cloudsmith helps.

This week, we announced that Cloudsmith has taken an impressive $11M in additional funding, hot on the heels of our $15M Series A two years ago. That's not just serious cash for a startup; it's a game-changer! The natural questions are: why did we take it, and what's our big-picture plan?

Uncover how to reach Level 1 in S2C2F a framework for secure OSS consumption.

Discover the risks and drawbacks of developing and distributing software without the support of a C++ package manager.

Welcome to our 2nd blog in our series on how to securely consume Open Source Software (OSS). Attacks targeting OSS are on the rise, making the security of your software supply chain a top priority. The 1st blog gave an overview of some of the most common types of attacks. Today we’ll explore the Secure Supply Chain Consumption Framework (S2C2F) that can help you mitigate against these attacks.

Our 1st blog in our series on securely consuming OSS. Today, I'll give an overview of some of the most common types of attacks from consuming OSS. Open-source software (OSS) fuels innovation. Over 96% of commercial applications rely on at least one OSS component (Synopsys, 2023). At Cloudsmith, we champion OSS and understand its indispensable role in today's software landscape. However, the escalating threat of supply chain attacks targeting OSS demands a robust defence.