Last month, Datadog announced an interesting and useful  new feature they call the Supply-Chain Firewall (SCFW). It offers a real-time scanning approach that identifies vulnerabilities as developers pull packages from public registries like npmjs. It highlights the broader challenge organizations face when securing their software supply chain: managing risk consistently

For organizations, distributing software artifacts effectively is crucial to building strong developer relationships and delivering a seamless experience. Yet, managing and personalizing the distribution of software packages—like SDKs or container images—can be challenging. Cloudsmith, a leader in cloud-native artifact management, has introduced Broadcasts to address these needs. With

As containerized environments evolve, effective artifact management is crucial for any organization using Kubernetes or similar ecosystems. Cloudsmith’s container registry now fully complies with the Open Container Initiative (OCI) distribution specification, allowing customers to store, secure, and distribute images and artifacts with greater efficiency. This release marks an evolution

As software complexity advances, understanding what’s happening across every part of your software supply chain becomes crucial. You need to see where artifacts are used, how secure they are, and whether they meet compliance standards. The ability to capture this is known as observability. Observability goes beyond data collection

In a rapidly evolving digital environment, organizations across various sectors—including technology firms, financial services, and manufacturing—rely on effective management of software artifacts to secure their software supply chains The risk of supply chain attacks has intensified, revealing vulnerabilities at every stage of artifact management. Compliance breaches, data leaks,

KubeCon is almost here, and if this is your first time attending or you’re a seasoned pro, you’re in for a treat! 🎉 Next week, KubeCon will take over Salt Lake City, bringing together the brightest minds in cloud-native tech. Whether you're a developer, engineer, or IT

We’re excited to announce that Deno, the modern JavaScript and TypeScript runtime, now supports private npm registries. You can now leverage Cloudsmith to securely host and share your npm modules directly within your Deno projects.

ShipItCon, one of Europe’s most vibrant indie tech conferences, just wrapped up in Dublin last week.  It brought together software engineers and technologists to tackle a central theme - Flow.

Find out what Glenn sees as Cloudsmith's three winningest characteristics as he looks back on his first 12 months as CEO.

Cloudsmith does more than store and manage artifacts. It protects them, too. In this article, we explain how you can prevent software supply chain threats by using our platform as a vital isolation layer between your binaries and risks in public open source repositories.

Get the highlights from our July webinar on platform engineering, featuring senior Cloudsmithers and Humanitec's Luca Galante.