Better together

Square + Cloudsmith

As Square continues to redefine commerce and financial access on a global scale, developer velocity, infrastructure simplification, and seamless M&A integration are more important than ever. Cloudsmith can help Square simplify software delivery — globally, securely, and without the overhead.

kong logo
shopify logo
fa logo
pdlogo
kong logo
shopify logo
fa logo
pdlogo

Why Cloudsmith

Modern Artifact Management for a Modern Financial Ecosystem

Square is on a mission to democratize financial tools. Cloudsmith is here to ensure your platform and developers have what they need to move fast — without compromising security or control.
    Global Reach With Zero Operational Overhead
    Your development teams span the globe — your artifact delivery should, too. Cloudsmith’s unique global Package Delivery Network (PDN) ensures high-performance access to artifacts no matter the region. Our fully managed cloud-native platform eliminates the need for self-hosted solutions, reducing maintenance overhead and boosting productivity.
    Simplify Infrastructure and Eliminate Tool Sprawl
    Managing multiple artifact solutions across business units introduces friction and risk. Cloudsmith helps consolidate and centralize artifact management into a single source of truth — reducing duplication, simplifying governance, and enabling standardization across your developer ecosystem.
    Accelerate M&A Integration
    With continuous acquisitions fueling Acme's growth, speed of integration matters. Cloudsmith enables fast, secure onboarding of new teams and toolchains by providing a unified platform that scales with you and adapts to different developer environments — without requiring heavy lifting.
    Built for Regulated Environments From Day One
    Financial services demand more than just performance — they require trust. Cloudsmith provides built-in policy enforcement, quarantine, SBOM generation, and upstream controls to ensure you’re meeting internal security and compliance requirements across every team, project, and region.

Switch to Cloudsmith

A complete software supply chain solution for Square

Move to Cloudsmith for a fully-managed, enterprise-scale solution. Based on our analysis of your current technology stack, you may be experiencing a set of core issues.
Your current solutionHigh Maintenance Overhead - Self-hosted solutions like Nexus and Artifactory require extensive setup and maintenance for scaling, redundancy, and performance.
With CloudsmithFully Managed, Cloud-Native Platform - No servers to manage. No tuning. You never need to add or manage additional nodes, replicate databases. This is pure SaaS, optimized for global scale.
Your current solutionUnpredictable Pricing - Consumption-based subscription with extra charges for key features. Per-seat costs will also add up. Total cost of ownership may far exceed perceived dollar cost.
With CloudsmithTransparent, Scalable Pricing - Simple, usage-based pricing that grows with you. Free up engineering time to focus on building, not budgeting.
Your current solutionManual User Management - Onboarding new teams and users is a manual and non-programomatic, introducing operational and security risk and wasting valuable time.
With CloudsmithSeamless Onboarding - Leverage Open ID Connect (OIDC) and Terraform to automate and secure the onboarding of new teams and users, helping Square move towards a truly self-service model.
Your current solutionSecurity as an add-on - Security is handled via separate products that aren't included with Nexus Repository. Products charge per-user seat license fees and have required dependencies.
With CloudsmithEnterprise-Grade Policy-as-Code - No add-ons. First-class support for Open Policy Agent and Rego ensures every artifact meets Square's compliance and governance needs.

Artifact management with Cloudsmith

Truly universal artifact management

Simplify and streamline operations. Cloudsmith is a secure store for all packages, containers and assets.
  • Support for 30 software package formats
  • Docker container registry as standard
  • Support for raw files and assets of any type
  • A true single source of truth for all your software

Supply chain security

Build powerful policies to control exactly what gets to production

Build policies in OPA Rego syntax to control what packages get to your teams and pipelines, and what packages are blocked.
  • Use OPA Rego syntax to define software policies
  • Block or quarantine packages that fail policies
  • Use policy logs to report on compliance
ConditionsActionsPackagesQuarantineVulnerabitiyCVE Severity - Critical1234567891011121314 policy
 rego.v1
max_cvss := cve_allowlist :=   match := match  target  input.v0.security_scan
packageimportdefaultfalseifsomesomein# maximum allowed CVSS score# array containing IDs of CVEs that have been explicitly allowed6}{[]"CVE-2023-32681"

Global distribution

Boost productivity and get software to customers fast using our global package distribution network.

  • Fully managed architecture
  • Globally-distributed content delivery
  • Highly-available
Logo of PagerDuty
If you're looking for someone who's not just going to be a vendor…but a long-term partner then that would be my recommendation on why you should go with Cloudsmith.

Dave Bresci

Senior Manager of Site Reliability Engineering

Before

PagerDuty were suffering with pipeline disruption and support bottlenecks. They needed first-class performance and developer-friendly service.

With Cloudsmith
  • Fully managed artifact management
  • Highly available solution
  • Fast, friendly service
Results
  • 50% cost savings
  • Reliable pipeline stability
  • Better, faster issue management
G2 logo
Customers love Cloudsmith
Momentum leaderBest resultsHigh performerMost implementableBest usability
We’d love to chat with Square