Better together

Citi + Cloudsmith: Better Together

In today’s dynamic financial services landscape, Citi’s developers and security teams need a trusted foundation for delivering software at scale.

Cloudsmith offers a single-tenant, cloud-native artifact management platform designed to meet the demands of modern enterprises—where visibility, compliance, and control are non-negotiable.

kong logo
shopify logo
fa logo
pdlogo
kong logo
shopify logo
fa logo
pdlogo

Why Cloudsmith

Don't let aging artifact management infrastructure hold you back

Are your teams are stuck managing aging artifact infrastructure that wasn’t built for a cloud-first world? Don't let complexity, overhead, and lack of native cloud support block Citi as you push to modernize your global DevOps approach with Cloudsmith.
    A Single Source of Truth for All Your Artifacts
    Unify open source and proprietary packages in one fully managed platform—built to scale with your teams and your software supply chain.
    Built-in policy enforcement, quarantine, and SBOMs
    Automatically enforce policies, quarantine risky packages, and generate SBOMs—no extra tools, no manual processes.
    Ditch the Overhead, Keep the Control
    Skip the infrastructure burden. Cloudsmith runs fully managed in the cloud—so you can focus on shipping, not maintaining.
    Cloud-Native by Design, Compliance-Ready from Day One
    Built for teams in enterprise finance—Cloudsmith delivers enterprise-grade control in a secure, cloud-first architecture.

Switch to Cloudsmith

A complete software supply chain solution for Citi

Move to Cloudsmith for a fully-managed, enterprise-scale solution. Based on our analysis of your current technology stack, you may be experiencing a set of core issues.
Your current solutionYour oversight and input may be required for clustering, load balancing, shared storage, database replication, and networking configuration. If you are working with a distributed team, architecting for performance requires careful thought.
With CloudsmithCloudsmith is fully-managed SaaS with no servers to manage, database considerations. Cloudsmith is optimized for massive scale from Day 1. Your packages sit across our global infrastructure. Your teams get a great experience wherever they work. Our uptime is public, and we offer SLAs to Enterprise customers.
Your current solutionConsumption-based subscription where some additional features are charged separately. You may incur some per-seat charges.
With CloudsmithOur pricing is simple, with consumption-based plans tailored to suit organizations of all sizes. Switching to Cloudsmith unlocks your engineering resources, best spent on shipping novel software.
Your current solutionPackage curation features require add-ons. You can build fairly complex policies, but you won't be able to write policy-as-code using the Open Policy Agent (OPA) standard.
With CloudsmithUltra and Enterprise plans enterprise-ready policy management tools, based on OPA and industry-standard Rego. Everything flowing through Cloudsmith passes through these checks.
Your current solutionWhen it comes to getting support, your mileage may vary.
With CloudsmithWe work with you at every stage of your migration to Cloudsmith. Once you become a customer, you get support directly from our engineers. We pride ourselves on efficiency and friendliness.

Artifact management with Cloudsmith

Truly universal artifact management

Simplify and streamline operations. Cloudsmith is a secure store for all packages, containers and assets.
  • Support for 30 software package formats
  • Docker container registry as standard
  • Support for raw files and assets of any type
  • A true single source of truth for all your software

Supply chain security

Build powerful policies to control exactly what gets to production

Build policies in OPA Rego syntax to control what packages get to your teams and pipelines, and what packages are blocked.
  • Use OPA Rego syntax to define software policies
  • Block or quarantine packages that fail policies
  • Use policy logs to report on compliance
ConditionsActionsPackagesQuarantineVulnerabitiyCVE Severity - Critical1234567891011121314 policy
 rego.v1
max_cvss := cve_allowlist :=   match := match  target  input.v0.security_scan
packageimportdefaultfalseifsomesomein# maximum allowed CVSS score# array containing IDs of CVEs that have been explicitly allowed6}{[]"CVE-2023-32681"

Global distribution

Boost productivity and get software to customers fast using our global package distribution network.

  • Fully managed architecture
  • Globally-distributed content delivery
  • Highly-available
Logo of PagerDuty
If you're looking for someone who's not just going to be a vendor…but a long-term partner then that would be my recommendation on why you should go with Cloudsmith.

Dave Bresci

Senior Manager of Site Reliability Engineering

Before

PagerDuty were suffering with pipeline disruption and support bottlenecks. They needed first-class performance and developer-friendly service.

With Cloudsmith
  • Fully managed artifact management
  • Highly available solution
  • Fast, friendly service
Results
  • 50% cost savings
  • Reliable pipeline stability
  • Better, faster issue management
G2 logo
Customers love Cloudsmith
Momentum leaderBest resultsHigh performerMost implementableBest usability
We’d love to chat with Citi