Registry
Integration & Delivery Plane
Cloudsmith is a fully managed, cloud-native package management platform that supports all major package formats and container technologies. It enables teams to securely store, manage, and distribute public, private, and open-source packages across their software pipelines.
What is Cloudsmith?
Cloudsmith is a fully managed, cloud-native artifact management platform designed to secure, control, and distribute every component in your software supply chain. Supporting 30+ package formats (including Docker, Maven, npm, PyPI, and raw file types) Cloudsmith acts as a single source of truth for an organization’s software artifacts, enabling consistent and reliable delivery across environments.
Profile
Cloudsmith operates as a fully managed, cloud-native artifact repository that centralizes the storage, security, and distribution of software packages throughout the development pipeline. Supporting 30+ package formats (including Docker, Maven, npm, PyPI, and raw file types), Cloudsmith functions as a centralized repository for an organization's software artifacts, enabling consistent and reliable delivery across environments. Its Docker-compatible, OCI-compliant container registry ensures seamless storage of container images alongside other packages, simplifying workflows and reducing operational complexity.
With native support for policy-based access controls written in OPA Rego, teams can define granular rules to automatically allow, deny, or quarantine packages based on vulnerability analysis. Cloudsmith integrates into CI/CD pipelines and scales globally, giving platform and security teams full visibility and governance over what enters and exits their ecosystem.
Focus
Cloudsmith focuses on bringing control, visibility, and efficiency to the software supply chain by providing a single, cloud-native platform for storing, managing, and distributing software artifacts. The platform emphasizes seamless integration with existing workflows, supporting package formats in flexible, multi-format repositories. It prioritizes developer productivity, global distribution, and proactive compliance, enabling teams to mitigate risks before code reaches production.
Background
Cloudsmith was founded in 2016 by Alan Carson and Lee Skillen in Belfast, Northern Ireland, after the pair experienced firsthand the challenges of managing software artifacts at scale while working at the New York Stock Exchange. Designed from the ground-up as a cloud-native platform, Cloudsmith aims to simplify and secure the software supply chain for modern development teams. In 2025, the company raised a $23 million Series B round led by TCV, with participation from Insight Partners and existing investors, to further accelerate its mission of providing secure, global artifact management at scale.
Cloudsmith main features
- Control: Get control of the software supply chain with a single, observable home for every package and container.
- Secure: Cloudsmith protects end users by mitigating compliance issues before they reach your production systems.
Distribute: Boost productivity and serve customers with global artifact distribution (600+ global points of presence) and analytics.
