Cloudsmith Blog

Best Practices
8 min read

Using vulnerability scoring systems to prioritize risks in your environment

Instead of wasting time clicking buttons in a UI, Cloudsmith gives dev teams the freedom to write their security rules as code for more power and flexibility. This approach, called policy-as-code, requires them to define precise limits/thresholds for what they consider a risky software artifact. When you're building policy-as-code, you can sometimes be stuck deciding exactly what thresholds to set for risky software artifacts. With a tsunami of vulnerabilities being thrown your way daily, it's impossible (and inefficient) to treat them all as emergencies. This blog post will help you understand the various scoring systems you can use to build smarter, context-aware security policies…
Best Practices
8 min read

Pull back the hood on the data and tech that informs EPM

At Cloudsmith, we believe that visibility, control, and automation are essential to securing your software supply chain. That’s why we built Enterprise Policy Management (EPM) as a programmable enforc…