Could 2023 be the year of memory safety?

We can completely eliminate software vulnerabilities caused by memory corruption by moving software away from C and C++. The National Security Agency (NSA) is urging developers to shift to memory safe languages – such as C#, Go, Java, Ruby, Rust, and Swift. Could 2023 be the year of memory safety?

Events Featured

Upcoming Webinar: 2022 State of DevOps | Dec 15

We’ve assembled a panel of experts for our final webinar of 2022 to look back on the year and discuss key learnings and trends.

Cloudsmith

How to Manage Your Package Promotion Workflows with Cloudsmith

Package promotion workflows are a great way to isolate and protect production repositories away from pubic upstreams, so they only receive clear and vetted packages.

Who What Where and Why of Commercial Open Source [Session Recap]

Why do companies use commercial OSS instead of hosting it themselves? Lætitia Avrot, Field CTO at EDB and David Tuite Founder of Roadie talk about SLAs, security, maintenance, proprietary features, conferences and contributing to the open source ecosystem.

The Who, What & Why of Commercial Open Source [On-demand Session]

We've assembled a panel of experts that have a close relationship with open source to discuss bridging the gap between free, open-source software and commercial open-source products

Webinar

How Do Mature DevOps Teams Manage Software Security? [On-demand Session]

We’ve assembled a panel of experts from the mature DevOps teams of Puppet and Shopify to answer some of your biggest software security questions.

Events

The EU Efforts To Secure Open Source Software [On-demand Session]

Watch this session from Open Source Summit Dublin to learn more about the European Union's response to the ever-changing open source security landscape.

Events

SBOMs: The New Standard in Supply Chain Security [On-demand Session]

Watch this session from DevOps Con NYC to learn about this emerging standard, how it can improve the security of your supply chain, open source tools to help you generate and analyze SBOMs and the future of SBOMs.

Security

How to Manage Your Vulnerability Workflows with Cloudsmith

Scan your packages for vulnerabilities and never miss new vulnerabilities as they get discovered. Create actionable workflows by quarantining packages over defined vulnerability levels

Events

Cloudsmith is headed to Detroit for KubeCon | CloudNativeCon North America!

The Cloudsmith Team is headed to Detroit for KubeCon CloudNativeCon North America!  Stop by the Cloudsmith booth in the expo hall to speak with our universal artifact management experts and pick up some awesome swag. About Cloudsmith: Cloudsmith is the only cloud-native package management platform for software engineers looking to

Security

Cloudsmith Supports OpenSSF's Efforts to Secure OSS

As part of our mission to make it simple to secure software at scale through Continuous Packaging, Cloudsmith is proud to be an Open Source Security Foundation (OpenSSF) member.

Webinar

Webinar on Software Supply Chain Security Hosted by The Linux Foundation [On-demand Session]

In this webinar, we’ll continue our discussion with some good news! We’ll highlight the progress being made on OSS efforts that we can all standardize on, and some tooling available to everyone beginning this journey.

Develop Software

10 ways to make your software pipeline more observable

Ciara lists 10 ways to make your software pipelines more transparent and observable to gain insights, identify unusual behavior and possibly prevent a software supply chain attack.

Software Package Formats

What is Ruby?

Come explore Ruby as a programming language, Ruby Gems, Ruby on Rails, and hosting your own Ruby Gems repository the easy way with Cloudsmith!

Events

Secure Your Software Supply Chain Using Observability Webinar [On-demand Session]

We’ve assembled a panel of experts from software, security, and data to talk about observability and what it means to your software supply chain security. Watch the 30-minute webinar on-demand.

Software Package Formats

The PowerShell Gallery is Down Again... Now What?

What if we could find a way to protect ourselves from Powershell Gallery outages, with a more highly-available option? Well, Adil may have just the very solution for you here at Cloudsmith! 😉 😉

Webinar

Making SBOMs Actionable Webinar [On-demand Session]

Learn how to improve your supply chain security workflow, enhance visibility, and prevent a disaster like Log4J by using Syft, Grype, Cosign, and Cloudsmith as the container registry in this 1-hour webinar available to watch on-demand.

Security

How to Analyze an SBOM

Ciara discusses how to analyze SBOMs for vulnerabilities using Open Source tools, and how Cloudsmith can take actions like quarantining your images if it contains vulnerabilities above a certain level.

Security

How to Generate and Host an SBOM

Ciara details how and when to generate an SBOM with the help of open-source tooling. Learn how to host SBoMs, as well as other SBOM considerations.

Distribute Software

CD Foundation Announces Cloudsmith as a New Member

Cloudsmith joins the CD Foundation as a new member, in helping to strengthen the growth and evolution of continuous delivery models.

Cloudsmith Featured

Pricing: Building A Better Cloudsmith

We dive into the details of why we're changing the pricing at Cloudsmith, what it means for you, and how we can help.

Cloudsmith Featured

Pricing: A Message from the Founders of Cloudsmith

Alan and Lee talk about the journey of Cloudsmith, and how we got to where we're at today with the latest pricing announcement.

Software Package Formats

What is Conda?

Curious about the Conda universe? Learn what Conda is & where it came from, what Conda packages are, which Conda communities to join, & more!

Webinar

The Future is Cloud-native & Your Organization Should Be Too | Conf42 Cloud-Native Keynote [On-demand Session]

In 2022, your entire tech stack is likely in the cloud - so why aren’t your software packages? Watch Ciara Carey's Conf42 Cloud-Native Keynote to explore why enterprises are going cloud-native.

Deploy Software

Cloud-Native Package Management for the Banking Industry

Technology-forward banks are embracing cloud-native tools in favour of on-premise tools. We explore why banks are moving to the cloud and what package management should look like in finance & banking.