Cloudsmith Blog

Supply chain security
5 min read

Using Trivy Inside Cloudsmith

We chose Trivy early on, as we were building Cloudsmith. It’s open source, well-supported, and widely trusted. It offers support for containers, OS packages, language dependencies, SBOMs and secrets scanning…
Supply chain security
9 min read

OWASP CI/CD Part 9: Improper Artifact Integrity Validation

Improper artifact integrity validation is a critical vulnerability in CI/CD pipelines characterised by insufficient mechanisms to cryptographically verify the authenticity and integrity of code and bu…