Your packages available, when you need them
You control a Cloudsmith private repository. You don’t rely on any third party to ensure an asset or package is available when you need it. As a result, you are never left unable to develop and deploy your code.
Upstream proxying: Cloudsmith caches upstream packages for you, for convenient consistent access
Protect your software and servers from downtime and slowness of official main repositories
Understand where packages are used, deliver clear reporting on package usage levels across the organization, and be ready to rapidly respond to emerging vulnerabilities. Cloudsmith provides detailed auditing and analytics of where all your software assets are deployed.
Extended detail on package access via comprehensive access logs
Retrieve all events for your account via the firehose API, for total visibility and control
Centralised security and malware scanning
Malware scanning on every package at the point of upload helps to ensure that your ecosystem is free from malware and other potentially unsafe constructs. Meanwhile a single central repository means your assets are easily accessible for security and vulnerability scanning.
All communication and storage is encrypted in-transit and at-rest (with 256-bit or hardware-based encryption)
Checksums and GPG signatures are provided to detect tampering
Manage teams and organizations
Collaborate securely with other users in your organization. Structure teams, organizations and permissions to control how and where individual assets are used.
No per-seat pricing means no limit to how your business distributes packages with Cloudsmith.
Build teams and organizations in seconds
Get control of software licensing
Integrating packages from public repositories exposes the business to significant risks around licensing. In worst-case scenarios, you can lose all control of your own IP. Cloudsmith enables centralized control and oversight of licensing issues and removes much of that risk.
Insight on licenses across all of your software assets
Set controls on which licenses are permitted and minimise legal liabilities