Software Supply Chain | Reproducible Builds, Fedora 43, and What It Means for the Software Supply Chain | April 2025 has brought some important news in the world of open source and software supply chain security: Fedora has announced a change proposal to make 99% of its package builds reproducible in its upcoming Fedora 43 release. At first glance, this might seem like a low-level Linux packaging detail.
Software Supply Chain | How to Audit Your Software Supply Chain Security | Digital threats are part of the development landscape, so how should you audit your software supply chain security to ensure you protect your pipeline? This blog will take you through the threats that are lurking and the steps you can follow to guard against them.
DevSecOps | Improving Observability With Cloudsmith Logs | Glimpse the golden insights Cloudsmith’s logs offer and see how easy it is to pull and analyze them like a pro.
OSS | The Dangers Lurking in Open Source Software | Our 1st blog in our series on securely consuming OSS. Today, I'll give an overview of some of the most common types of attacks from consuming OSS.
Software Supply Chain | Securely Connect Cloudsmith to your CI/CD using OIDC Authentication | Securely connect Cloudsmith to your CI/CD with OIDC. Cloudsmith now supports OIDC natively. OIDC tokens are a more secure way to handle authentication than long-lived credentials, and they remove the need to store your credentials in your CI/CD platform.
Events | The EU Efforts To Secure Open Source Software [On-demand Session] | Watch this session from Open Source Summit Dublin to learn more about the European Union's response to the ever-changing open source security landscape.
Events | SBOMs: The New Standard in Supply Chain Security [On-demand Session] | Watch this session from DevOps Con NYC to learn about this emerging standard, how it can improve the security of your supply chain, open source tools to help you generate and analyze SBOMs and the future of SBOMs.
Security | How to Manage Your Vulnerability Workflows with Cloudsmith | Scan your packages for vulnerabilities and never miss new vulnerabilities as they get discovered. Create actionable workflows by quarantining packages over defined vulnerability levels.
Cloudsmith Featured | Pricing: Building A Better Cloudsmith | We dive into the details of why we're changing the pricing at Cloudsmith, what it means for you, and how we can help.