Cian Butler
๐ค SpeakerAppearances Over Time
Podcast Appearances
Nice little commonality there.
Supply chain security is one of those things we're very big on, very focused on.
It's not just though security.
So if you run different, you could run multiple different formats of packages or just one format.
You'd use us to be a proxy to your upstreams.
So you could say, pull all your packages through CloudSmith.
And that gets you better caching on them because you get our access to our CDN.
And then you can apply security posture on it.
So don't download any packages that have these vulnerabilities or CSVs published on them with our decision engines for that kind of tooling.
But as well, you might just publish your own packages for internal use.
So if you are a big company that's like...
building lots of packages that you use internally for other services.
So you could be having, let's say, a logging library with your custom logs.
It gets pulled in by all your microservices or CLIs, and they get built.
That's much more the traditional way of, like, people have private packages they don't want to put on the internet, and they don't want to have the insane tooling of putting all their packages in one repo.
So they have lots of... So they have private repository packages
A lot more focus now in the industry, that's supply chain security.
So that's where you see a lot of our development happening right now in securing different supply chains.