GDPR and friends

Learn directly from the experts at Cloudsmith. Each month we cover essential topics including software artifact management, software supply chain security, emerging trends in software distribution, and best practices for software orgs.

Join Cloudsmith & guest Rob Godfrey, Senior Technical Architect at Financial Times, for DevOps Debriefs: discussing authentication's role in pipeline security. Find out how FT reacted to the CircleCI breach & how Cloudsmith's support of OIDC improved supply chain visibility

Rob Godfrey

Senior Technical Architect

Ciara Carey

Developer Relations

In our first episode of DevOps Debriefs, join Cloudsmith and special guest Rob Godfrey, Senior Technical Architect at the Financial Times (FT) for a discussion on the crucial role of authentication and credential management in ensuring software pipeline security.

We’ll discuss:
Innovative strategies that empowered the Financial Times team to overcome software supply chain risks in their pipelines.
How the team responded to the fallout of the CircleCI breach.
Insights into the challenges and triumphs as the Financial Times fortified its pipelines against potential risks.
The pivotal role of Cloudsmith in supporting FT's adoption of OIDC and providing comprehensive visibility into their entire software supply chain.

DevOps Debriefs: How The Financial Times Beat Leaks with OIDC

Securing your organizations pipelines

OIDC authentication

Join Cloudsmith and Chainguard as we talk about the easy way to securely consume Open Source Software (OSS) for your organization using Artifact Management and images with zero vulnerabilities.

Adrian Mouat 

Join Cloudsmith and Chainguard as we talk about the easy way to securely consume Open Source Software (OSS) for your organization. Discover S2C2F best practices for securely consuming OSS and understand how Cloudsmith’s Cloud Native Artifact Management aligns with these standards. Learn about Chainguard zero CVE images drastically reduce vulnerabilities and image attack surface.

Do You Know How to Securely Consume Open Source?

Securely Consuming Open Source

Chainguard Images with Zero Vulnerabilities

Cloudsmith as your Organizations Single Source of Truth

Explore actionable vulnerability management workflows for your organization with Cloudsmith. Optimize software integrity and prevent risks. Join our webinar now!

Alison Sickelka

VP of Product

Join us for a webinar on actionable vulnerability management workflows for your software pipelines using Cloudsmith. Understand the critical need to protect your organization’s software integrity from supply chain attacks and hidden vulnerabilities. Learn how Cloudsmith serves as your organization’s central source of truth for builds, mitigating risks, optimizing workflows, and ensuring global distribution. Explore Cloudsmith Navigator to safeguard your IP and prevent security breaches. Don’t risk the consequences of insecure software. Register now!

Practical Workflows for Managing Vulnerabilities Using Cloudsmith

Software Supply Chain Securely

Vulnerability Management

Join us for a demo and Q&A on Cloudsmith's cloud-native, global, universal artifact management platform! Learn how Cloudsmith can help you secure your software supply chain, optimize your workflow, distribute software globally, and reduce infrastructure costs!

Paul McKeever

VP Growth

Dan McKinney

Join Dan and Paul for a demo and Q&amp;A on Cloudsmith’s Cloud Native Software Supply Chain Management Platform! Learn how Cloudsmith can help you secure your software supply chain, optimize your workflow, distribute software globally, and reduce infrastructure costs!

Intro to Cloudsmith 

Cloud Native Artifact Management

Distribute Software Globally

Listen to Rust expert Carol Nichols discuss how adopting a memory-safe language like Rust can significantly reduce vulnerabilities.

Carol Nichols

Founder, CEO and author

Listen to Rust expert Carol Nichols discuss how adopting a memory-safe language like Rust can significantly reduce vulnerabilities.

Eliminating Vulnerabilities with Memory Safe Languages

Rust

Memory Safety

C and C++

Tune in to hear experts in leadership, DevOps and security look back on 2023

Glenn Weinstein

Josh Bressers

Luca Lanziani

Head of DevOps and Platform Engineering

Join our 2023 lookback at DevOps and supply chain security. How was DevOp investment in 2023? Are people generating SBOMs? Were there any major vulnerabilities like Log4Shell? Has there been a clampdown on cloud costs? And are we all using AI in our workflows? We have three wonderful panellists - Glenn Weinstein, CEO of Cloudsmith; Josh Bressers, VP of Security at Anchore; and Luca Lanziani, Head of DevOps and Platform Engineering at NearForm. Secure your spot for this tech-packed session!

Looking back at 2023: The State of DevOps

DevOps vs Platform Engineering

FinOps

Cloud Native Complexity

Tune in to learn how to securely use open source software using OpenSSF's S2C2F Framework

Adrian Diglio

Principal PM Manager

Tune in to learn about how to consume open source securely using S2C2F, an OpenSSF framework donated by Microsoft. Our guest is Adrian Diglio who leads the Secure Software Supply Chain team at Microsoft. Gain insights into leveraging the OpenSSF framework, and learn best practices for secure and efficient open source consumption. This webinar is essential for anybody navigating the landscape of open source security.

Consuming Open Source Securely Using S2C2F

Open Source

S2C2F

Join us as we delve into a real-world zero-day supply chain attack and unpack its implications for any org making software

David Gonzalez

Principal Engineer

A Node.js module with nearly two million downloads a week was compromised after the library was injected with malicious code programmed to steal bitcoins in wallet apps. 
Join us as we delve into a real-world zero-day supply chain attack. Understand the response that followed, and how attacks like this can be mitigated. Learn from David Gonzalez, Principal Engineer at Cloudsmith and Member of the Node.js security working group, as he walks us through the incident.

Understanding Zero-Day Vulnerabilities in Software Supply Chain

Security

Software Supply Chain

Understand SLSA 1.0 and adopt a comprehensive checklist of software supply chain security measures

David Wheeler

Isaac Hepworth

Any organization that has taken on the daunting task of securing their software supply chain knows the challenges, pitfalls and caveats that come with implementing security best practices. SLSA 1.0, a community-backed framework that provides a comprehensive checklist of security controls and standards, is here! So what does it mean for you and your organization?

Cloudsmith
Webinars

Archive

DevOps Debriefs: How The Financial Times Beat Leaks with OIDC

Do You Know How to Securely Consume Open Source?

Practical Workflows for Managing Vulnerabilities Using Cloudsmith

Intro to Cloudsmith

Eliminating Vulnerabilities with Memory Safe Languages

Looking back at 2023: The State of DevOps

Consuming Open Source Securely Using S2C2F

Understanding Zero-Day Vulnerabilities in Software Supply Chain

SLSA 1.0 is Here - What Does it Mean for Your Organization?

CloudsmithWebinars

DevOps Debriefs: How The Financial Times Beat Leaks with OIDC

Do You Know How to Securely Consume Open Source?

Practical Workflows for Managing Vulnerabilities Using Cloudsmith

Intro to Cloudsmith

Eliminating Vulnerabilities with Memory Safe Languages

Looking back at 2023: The State of DevOps

Consuming Open Source Securely Using S2C2F

Understanding Zero-Day Vulnerabilities in Software Supply Chain

SLSA 1.0 is Here - What Does it Mean for Your Organization?

Cloudsmith
Webinars