November 2023

You Took HOW Much Money?!?

Nov 28, 2023 By Glenn Weinstein In Cloudsmith

This week, we announced that Cloudsmith has taken an impressive $11M in additional funding, hot on the heels of our $15M Series A two years ago. That's not just serious cash for a startup; it's a game-changer! The natural questions are: why did we take it, and what's our big-picture plan?

Read Post

Cloudsmith

Read more about You Took HOW Much Money?!?

Secure Open Source Consumption: Level 1 of S2C2F

Nov 27, 2023 By Ciara Carey In Cloudsmith

Uncover how to reach Level 1 in S2C2F a framework for secure OSS consumption.

Read Post

Cloudsmith

Read more about Secure Open Source Consumption: Level 1 of S2C2F

Why C and C++ programmers should use a package manager

Nov 17, 2023 By Ciara Carey In Cloudsmith

Discover the risks and drawbacks of developing and distributing software without the support of a C++ package manager.

Read Post

Cloudsmith

Read more about Why C and C++ programmers should use a package manager

Understanding Zero-Day Vulnerabilities in Software Supply Chain

Nov 15, 2023 By Cloudsmith In Cloudsmith

A Node.js module with nearly two million downloads a week was compromised after the library was injected with malicious code programmed to steal bitcoins in wallet apps. Join us as we delve into a real-world zero-day supply chain attack. Understand the response that followed, and how attacks like this can be mitigated. Learn from David Gonzalez, Principal Engineer at Cloudsmith and Member of the Node.js security working group, as he walks us through the incident.

View Video

Cloudsmith

Read more about Understanding Zero-Day Vulnerabilities in Software Supply Chain

Mastering Open Source Security: Your Guide to S2C2F

Nov 6, 2023 By Ciara Carey In Cloudsmith

Welcome to our 2nd blog in our series on how to securely consume Open Source Software (OSS). Attacks targeting OSS are on the rise, making the security of your software supply chain a top priority. The 1st blog gave an overview of some of the most common types of attacks. Today we’ll explore the Secure Supply Chain Consumption Framework (S2C2F) that can help you mitigate against these attacks.

Read Post

Cloudsmith

Read more about Mastering Open Source Security: Your Guide to S2C2F

Operations | Monitoring | ITSM | DevOps | Cloud

November 2023

You Took HOW Much Money?!?

Secure Open Source Consumption: Level 1 of S2C2F

Why C and C++ programmers should use a package manager

Understanding Zero-Day Vulnerabilities in Software Supply Chain

Mastering Open Source Security: Your Guide to S2C2F

Monthly Archive

Follow Us