Cloudsmith addresses weaponization of the software supply chain with advanced security capabilities
Cloudsmith announced an expansion of its advanced security capabilities, framing the platform as a unified control plane that bridges the gap between threat intelligence and active enforcement. The release highlights two core capabilities — continuous package enrichment (pulling from OSV.dev, EPSS, and OpenSSF malicious package data) and OPA-based policy management with features like cool-down periods, exploitability prioritization, deep SBOM inspection, and malicious package detection. The underlying argument: security tools surface risk just fine, but enforcement is disconnected from where software actually moves — and Cloudsmith fixes that.
Cloudsmith Launches MCP Server to Enhance Developers’ AI-powered Workflows
Cloudsmith announced the early access launch of its Model Context Protocol (MCP) Server. This new integration layer brings Cloudsmith’s capabilities directly into the developer’s AI-powered workflows
Cloudsmith Raises $23M Series B to secure the future of software supply chains
Oversubscribed funding round by TCV and Insight Partners accelerates Cloudsmith’s global ambitions
Cloudsmith launches Broadcasts: Software Package Distribution Designed for Perfect Reception
Cloudsmith today announced Broadcasts, a new feature offering branded delivery portals and built-in analytics to streamline software distribution for developers.
Cloudsmith unveils Advanced Observability Suite for artifact management
Cloudsmith has launched its Advanced Observability Suite as part of a broader web application redesign. The suite provides actionable insights into artifact usage, security, and compliance, helping organizations streamline artifact management, monitor consumption patterns, and address policy violations. With tools to align development and security priorities, the release aims to improve visibility and efficiency across software supply chains.
Cloudsmith achieves OCI v1.1 conformance, extending its cloud-native SSC control plane with OCI-based artifact management
Cloudsmith has announced compliance with the Open Container Initiative (OCI) v1.1 standard, expanding its cloud-native platform to manage container images and associated artifacts.
Cloudsmith launches Enterprise Policy Manager for software supply chain
Cloudsmith today announced the launch of its Enterprise Policy Manager, a policy-as-code engine that uses artifact management as the central control plane for governing software supply chains.
Cloudsmith Named to Prestigious Sifted 100 Leaderboard
Cloudsmith has earned a spot on Sifted 100 Leaderboard, a prestigious list of trailblazing tech companies.
Cloudsmith Triumphs at Digital DNA Awards
Cloudsmith has secured three prestigious awards at the highly acclaimed Digital DNA Awards.
Cloudsmith launches Navigator, a game-changer for open-source package selection
Cloudsmith has launched a search engine designed to empower software engineers to select the highest quality packages early in their development.
