Check out how to reduce the risk of data breaches by removing long-lived credentials from your CI/CD build pipelines using OpenID Connect (OIDC) authentication. 

Ciara Carey

Sales Engineer

We are back on May 22nd to see in action how OIDC tokens can provide enhanced security and convenience for your team, eliminating the need for long-lived credentials and reducing the risk of data breaches in your cloud environments. We'll demo how to connect to Cloudsmith to CI/CD pipelines using OpenID Connect (OIDC) authentication. 

Securely Connect Cloudsmith to Your CI/CD with OIDC Authentication

OIDC authentication

Zero Trust

Join Cloudsmith & guest Rob Godfrey, Senior Technical Architect at Financial Times, for DevOps Debriefs: discussing authentication's role in pipeline security. Find out how FT reacted to the CircleCI breach & how Cloudsmith's support of OIDC improved supply chain visibility

Rob Godfrey

Senior Technical Architect

In our first episode of DevOps Debriefs, join Cloudsmith and special guest Rob Godfrey, Senior Technical Architect at the Financial Times (FT) for a discussion on the crucial role of authentication and credential management in ensuring software pipeline security.

We’ll discuss:
Innovative strategies that empowered the Financial Times team to overcome software supply chain risks in their pipelines.
How the team responded to the fallout of the CircleCI breach.
Insights into the challenges and triumphs as the Financial Times fortified its pipelines against potential risks.
The pivotal role of Cloudsmith in supporting FT's adoption of OIDC and providing comprehensive visibility into their entire software supply chain.

DevOps Debriefs: How The Financial Times Beat Leaks with OIDC

Securing your organizations pipelines

Join Cloudsmith and Chainguard as we talk about the easy way to securely consume Open Source Software (OSS) for your organization using Artifact Management and images with zero vulnerabilities.

Adrian Mouat 

Developer Relations

Join Cloudsmith and Chainguard as we talk about the easy way to securely consume Open Source Software (OSS) for your organization. Discover S2C2F best practices for securely consuming OSS and understand how Cloudsmith’s Cloud Native Artifact Management aligns with these standards. Learn about Chainguard zero CVE images drastically reduce vulnerabilities and image attack surface.

Do You Know How to Securely Consume Open Source?

Securely Consuming Open Source

Chainguard Images with Zero Vulnerabilities

Cloudsmith as your Organizations Single Source of Truth

Explore actionable vulnerability management workflows for your organization with Cloudsmith. Optimize software integrity and prevent risks. Join our webinar now!

Alison Sickelka

VP of Product

Join us for a webinar on actionable vulnerability management workflows for your software pipelines using Cloudsmith. Understand the critical need to protect your organization’s software integrity from supply chain attacks and hidden vulnerabilities. Learn how Cloudsmith serves as your organization’s central source of truth for builds, mitigating risks, optimizing workflows, and ensuring global distribution. Explore Cloudsmith Navigator to safeguard your IP and prevent security breaches. Don’t risk the consequences of insecure software. Register now!

Practical Workflows for Managing Vulnerabilities Using Cloudsmith

Software Supply Chain Securely

Vulnerability Management

Join us for a demo and Q&A on Cloudsmith's cloud-native, global, universal artifact management platform! Learn how Cloudsmith can help you secure your software supply chain, optimize your workflow, distribute software globally, and reduce infrastructure costs!

Paul McKeever

VP Growth

Dan McKinney

Join Dan and Paul for a demo and Q&amp;A on Cloudsmith’s Cloud Native Software Supply Chain Management Platform! Learn how Cloudsmith can help you secure your software supply chain, optimize your workflow, distribute software globally, and reduce infrastructure costs!

Intro to Cloudsmith 

Cloud Native Artifact Management

Distribute Software Globally

Listen to Rust expert Carol Nichols discuss how adopting a memory-safe language like Rust can significantly reduce vulnerabilities.

Carol Nichols

Founder, CEO and author

Listen to Rust expert Carol Nichols discuss how adopting a memory-safe language like Rust can significantly reduce vulnerabilities.

Eliminating Vulnerabilities with Memory Safe Languages

Rust

Memory Safety

C and C++

Tune in to hear experts in leadership, DevOps and security look back on 2023

Glenn Weinstein

Josh Bressers

Luca Lanziani

Head of DevOps and Platform Engineering

Join our 2023 lookback at DevOps and supply chain security. How was DevOp investment in 2023? Are people generating SBOMs? Were there any major vulnerabilities like Log4Shell? Has there been a clampdown on cloud costs? And are we all using AI in our workflows? We have three wonderful panellists - Glenn Weinstein, CEO of Cloudsmith; Josh Bressers, VP of Security at Anchore; and Luca Lanziani, Head of DevOps and Platform Engineering at NearForm. Secure your spot for this tech-packed session!

Looking back at 2023: The State of DevOps

DevOps vs Platform Engineering

FinOps

Cloud Native Complexity

Tune in to learn how to securely use open source software using OpenSSF's S2C2F Framework

Adrian Diglio

Principal PM Manager

Tune in to learn about how to consume open source securely using S2C2F, an OpenSSF framework donated by Microsoft. Our guest is Adrian Diglio who leads the Secure Software Supply Chain team at Microsoft. Gain insights into leveraging the OpenSSF framework, and learn best practices for secure and efficient open source consumption. This webinar is essential for anybody navigating the landscape of open source security.

Consuming Open Source Securely Using S2C2F

Open Source

S2C2F

Join us as we delve into a real-world zero-day supply chain attack and unpack its implications for any org making software

David Gonzalez

Principal Engineer

A Node.js module with nearly two million downloads a week was compromised after the library was injected with malicious code programmed to steal bitcoins in wallet apps. 
Join us as we delve into a real-world zero-day supply chain attack. Understand the response that followed, and how attacks like this can be mitigated. Learn from David Gonzalez, Principal Engineer at Cloudsmith and Member of the Node.js security working group, as he walks us through the incident.

Webinar Archive