Cloudsmith has emerged as a critical solution for addressing the vulnerabilities prevalent in the software supply chain, where 81% of codebases are reported to contain serious open-source risks. The startup recently raised $23 million in Series B funding to enhance its cloud-native artifact management platform, which serves as a private registry for software packages. By creating 'mirrors' of packages, Cloudsmith ensures that they remain accessible for future builds, improving build reliability and security for development teams while reducing reliance on potentially unsafe third-party sources.
Cloudsmith serves as a private registry for binary artifacts, ensuring builds are reliable and available for future use, mitigating open-source vulnerabilities.
The software supply chain is porous, with 81% of codebases having critical open-source vulnerabilities, highlighting the need for robust management solutions.
With a fresh $23 million in Series B funding, Cloudsmith aims to modernize artifact management in software development, tackling the challenges of builds and dependencies.
By maintaining 'mirrors' of software packages, Cloudsmith addresses the inconsistencies that occur when third-party components change or become unavailable during build processes.