---
title: "Thomson Reuters + Cloudsmith | Secure Artifact Management"
description: "Accelerate your journey from an information leader to an AI-first technology company. Cloudsmith unifies artifact management across AWS and Azure while eliminating technical debt and engineering toil."
canonical_url: "https://cloudsmith.com/loves/thomson-reuters"
last_updated: "2026-03-12T11:42:47Z"
---
# Thomson Reuters + Cloudsmith | Secure Artifact Management

Cloudsmith x Thomson Reuters 

##  Secure the software supply chain behind Westlaw, CoCounsel, and Reuters

Thomson Reuters' AI-first transformation depends on thousands of packages flowing through your pipelines every day. Cloudsmith gives platform teams a single, secure artifact layer.

[Book a demo](/book-a-demo)

## Built for platform engineering teams at Thomson Reuters' scale


Engineering teams across Thomson Reuters build and operate platforms that power some of the most trusted information systems in the world – Westlaw, CoCounsel, Reuters, and tax and accounting software used by professionals worldwide.
These systems depend on thousands of open-source and internal packages, distributed across global development teams. As your engineering organisation scales and your AI investment accelerates, the artifact layer becomes a critical control point.
Cloudsmith provides the artifact management and software supply chain security layer that sits between your CI/CD pipelines and your cloud infrastructure. It gives platform teams a way to standardise how dependencies, packages, containers, and models are stored, secured, and distributed – across every team and every environment.

- Reduce technical debt related to artifact infrastructure across Thomson Reuters
- Shift engineering focus from "keeping the lights on" to AI value creation    
- Predictable cloud operating costs to support your global FinOps initiatives

Why Cloudsmith?

## Genuinely cloud-native artifact management

You are migrating 500TB of data and 18,000 databases to the cloud. You shouldn't be managing the repositories that feed them. Cloudsmith aligns with your "engineering velocity" goals.

### Delivering a golden path developer experience

Platform teams want developers to move fast with guardrails in place. Cloudsmith enables curated artifact repositories that give developers pre-approved open-source dependencies, internal libraries, and consistent build inputs across teams, with reliable artifact distribution worldwide. Developers get speed. Platform teams maintain control.

### Securing the software supply chain

Legal and financial technology platforms require strong governance over dependencies. Cloudsmith lets organisations scan artifacts for vulnerabilities, enforce license policies, block malicious packages, maintain auditable records, and track provenance. Security becomes part of the delivery pipeline, not a downstream process.

### Eliminating self-hosted artifact infrastructure

Many enterprises still rely on legacy artifact tools that require infrastructure management. Cloudsmith replaces this with a fully managed SaaS platform: global distribution, high-performance CDN delivery, multi-format support, and zero infrastructure overhead. Platform teams spend time enabling developers rather than maintaining servers.

### Standardising artifact workflows across the company

Large enterprises often have fragmented artifact tooling across teams. Cloudsmith provides a single standardised platform supporting containers, Maven/Gradle, Python/npm, ML artifacts, and internal binaries. One consistent developer experience across the entire organisation.

Switch to Cloudsmith

##  Switch to Cloudsmith: modern artifact management for a tech-first company

Compare the operational burden of legacy, self-hosted repositories with a managed, cloud-native service built for the speed of the modern Thomson Reuters engineering team.

| Your current solution | With Cloudsmith |

| --- | --- |

| Manual S3 prefixing and managing EC2 instances for internal artifact servers. | A fully managed, serverless platform that scales with your global demand. |

| Potential throttling and latency during high-concurrency build bursts in CI/CD pipelines. | A global Package Delivery Network that eliminates bottlenecks by caching assets at the edge for every region. |

| Hidden costs in storage, egress, and engineering hours spent keeping the lights on. | Transparent, usage-based pricing that supports your FinOps mandates and reduces technical debt. |

| Security risks and manual vetting processes for public AI models sourced from HuggingFace. | Automated proxying, caching, and scanning of ML models with policy-based quarantine. |

##  Trusted by engineering teams in global media and information services

## Customers love Cloudsmith

[Read reviews](https://www.g2.com/products/cloudsmith/reviews)

## Let's talk Artifact Management

Hi team Thomson Reuters,



I've been following your transformation into a world-class technology company, particularly Matt Dimich's focus on reducing technical debt to drive engineering velocity. It’s an inspiring shift, but I imagine that managing legacy artifact servers might still be a significant source of "toil" for your platform teams.

At Cloudsmith, we help companies like yours take the heavy lifting out of the software supply chain. We built the only artifact platform that is genuinely cloud-native—no servers to patch, no S3 buckets to manage, and no scaling limits to hit.



Whether it's standardizing your TR-AWS CDK library or securing your Hugging Face models for CoCounsel, we'd love to show you how we can help your engineers stop spending their time "keeping the lights on" and start shipping the future of professional-grade AI.



Let's chat about how we can help you move faster.

[Book a demo](/book-a-demo)
