Your packages available, when you need them

You control a Cloudsmith private repository. You don’t rely on any third party to ensure an asset or package is available when you need it. As a result, you are never left unable to develop and deploy your code. 

  • Upstream proxying: Cloudsmith caches upstream packages for you, for convenient consistent access

  • Protect your software and servers from downtime and slowness of official main repositories

shape shape

Unrivaled transparency

Understand where packages are used, deliver clear reporting on package usage levels across the organization, and be ready to rapidly respond to emerging vulnerabilities. Cloudsmith provides detailed auditing and analytics of where all your software assets are deployed.

  • Extended detail on package access via comprehensive access logs

  • Retrieve all events for your account via the firehose API, for total visibility and control

Centralised security and malware scanning

Malware scanning on every package at the point of upload helps to ensure that your ecosystem is free from malware and other potentially unsafe constructs. Meanwhile a single central repository means your assets are easily accessible for security and vulnerability scanning.

  • All communication and storage is encrypted in-transit and at-rest (with 256-bit or hardware-based encryption)

  • Checksums and GPG signatures are provided to detect tampering

Manage teams and organizations

Collaborate securely with other users in your organization. Structure teams, organizations and permissions to control how and where individual assets are used.

  • No per-seat pricing means no limit to how your business distributes packages with Cloudsmith.

  • Build teams and organizations in seconds

Get control of software licensing

Integrating packages from public repositories exposes the business to significant risks around licensing. In worst-case scenarios, you can lose all control of your own IP. Cloudsmith enables centralized control and oversight of licensing issues and removes much of that risk.

  • Insight on licenses across all of your software assets

  • Set controls on which licenses are permitted and minimise legal liabilities