Operations | Monitoring | ITSM | DevOps | Cloud

Cloudsmith Supports OpenSSF's Efforts to Secure OSS

As part of our mission to make it simple to secure software at scale through Continuous Packaging, Cloudsmith is excited to announce that we have become an Open Source Security Foundation (OpenSSF) member. OpenSSF is a cross-industry forum for a collaborative effort to improve security in open source software (OSS). One software pipeline's output is another's dependency- we are all splashing around in each other's supply chains.

To NuGet and Beyond: NuGet Ecosystem & Upstream Support at Cloudsmith

Calling All.Net / C# / PowerShell Dev’s! We heard you! While Cloudsmith has supported NuGet packages for a while now, we’ve now got more robust support for the NuGet ecosystem. Whether it’s a V2/V3 NuGet package you created in Visual Studio, a Chocolatey package, a PowerShell Module, or a dependent package from NuGet.org, they can all be hosted in the SAME Cloudsmith repository! This one-hour webinar event discusses and demos the latest NuGet ecosystem and upstream support now available at Cloudsmith.

Securing The Software Supply Chain Linux Foundation Webinar

From the history of supply chain security threats to security development and deployment we've covered everything you’ve always wanted to know about the software supply chain but were afraid to ask. Dan Lorenc, Founder/CEO, Chainguard, Paddy Carey, Senior Staff Engineer, Cloudsmith, Adil Leghari, Solutions Architect Manager, Cloudsmith and Dan McKinney, Developer Relations, Cloudsmith, gathered for a fireside chat to cover your most burning questions.

Efforts to Secure OSS fired up after Log4Shell

Who would have thought software could rattle the White House? But a vulnerability in Log4J, a popular open source software project, exposed critical digital infrastructure to remote code execution attacks. This prompted the US Government to engage big tech, infosec professionals, and open source organizations to come together to help secure open source software.