The logic is rather simple: if you can compromise the framework itself, you have the ability to compromise highly sensitive infrastructure. Today, it's happened again - this time #Mastra was the target. Full attack breakdown: https://t.co/QVQ5BOLvnA
Automate now > explain to regulators later.
87 days until the CRA's 24-hour reporting rule kicks in. We broke down what engineering teams should be working towards for compliance.
https://t.co/dW2v4RYhRb
Your artifact registry and your deployment tool shouldn't be strangers. Cloudsmith decides what's allowed. @OctopusDeploy controls how it ships. Governance baked in, not bolted on. https://t.co/KHKTYr0Jrp
AI coding tools are pulling in dependencies faster than any senior engineer can review them.
AI's speed, matched with automation, guardrails, and a strong artifact management layer, provides a secure development foundation.
Here's how we think about it. ↓
Join @cloudsmith, @rootlyhq, https://t.co/Nk418e6lpE, @ClickHouseDB, and @Docker in NYC for an evening of cocktails, conversations, and connections.
📍 Diamante’s | 410 8th Ave, NYC
📅 Wed, June 17 | 5:30-8:30 PM
🍸 RSVP: https://t.co/08vkvEfFhN
Are you at PlatformCon London?
Join Spacelift and Cloudsmith TONIGHT at F1 Arcade London for an evening where competitive racing meets DevOps and platform engineering. Connect with peers, test your skills on full-spec racing simulators, and explore how to optimize your DevOps for both speed and control.
📅 Date: Wednesday, 25 June
⏰ Time: 7:00 PM - 10:00 PM BST
📍 Location: F1 Arcade London - 1 New Change, London EC4M 9AF, United Kingdom
🔥 Space is limited—reserve your spot now! 🔥
👉 https://t.co/DIL2MgMkky
See you there!
Is your Helm a risk? 🔍
If your business or open-source project relies on Helm charts, join Nigel Douglas, Head of Developer Relations at Cloudsmith, in a hands-on, virtual workshop during PlatformCon 2025: "What Supply Chain Risks Are Hidden in Your Helm Charts?"
Join this hands-on workshop to explore real-world Helm vulnerabilities and learn practical strategies to automate and strengthen your Kubernetes security posture.
Reserve your spot 👉 https://t.co/fpmfsmp4cH
🗓️ Friday, 27 June at 4:00 PM BST / 11:00 AM EST
📍 Virtual
#PlatformEngineering #PlatformCon2025 #KubernetesSecurity #Helm
We're thrilled to be part of PlatformCon 2025, the world’s largest platform engineering conference! This year, we're bringing two high-impact virtual talks to the stage 💥
More Than Code: How Culture Defines Platform Success
Explore how team culture, not just tooling, shapes the true success of platform engineering 🌟
Artifact Management Unleashed: Powering Your Packages at Lightning Speed
Discover how to optimize package delivery and streamline your artifact workflows for peak performance 🚀
This week only, PlatformCon attendees can enter to win a $250 gift card at the end of each talk!
Watch now: https://t.co/Ev118HFRW8
#PlatformEngineering #PlatformCon25
In April, Scattered Spider cracked M&S’s systems in a massive ransomware attack.
It all started with the theft of an NTDS.dit file.
See Nigel Douglas’s advice for practitioners securing their CI/CD pipelines against lateral movement: https://t.co/E8ARSVYDaR
Full guide: https://t.co/i383aZOnMt
#DevSecOps #OWASP #CI/CD
🌍 Cloudsmith is proud to sponsor PlatformCon 2025 - the world's biggest platform engineering event!
Join us for a full week of all things platform engineering—including free virtual sessions packed with insights into cloud-native artifact management at scale 🚀
Here’s what we’re bringing to the table:
💡 23-27 June | 2 Virtual Talks
• More Than Code: How Culture Defines Platform Success — Explore how platform strategy aligned with company goals enables empowered engineering teams.
• Artifact Management Unleashed: Powering Your Packages at Lightning Speed — Discover how smart caching and optimized registry access can supercharge your package delivery.
🇬🇧 25 June | London Live Day - Booth 8
• Stop by Booth 8 to see why Cloudsmith is the world’s best cloud-native artifact management platform—fully managed, built for scale, and designed to secure and streamline everything in your software supply chain.
• Get hands-on with the Cloudsmith platform, enter to win great prizes, and take home great swag!
🗓️ When: Wednesday, 25 June
📍 Where: Convene Sancroft, St. Paul's - London
🛠️ 27 June | Virtual Workshop
• What Supply Chain Risks Are Hidden in Your Helm Charts? — A hands-on deep dive into vulnerabilities, attack scenarios, and best practices for securing Helm charts, ensuring supply chain security and compliance.
👉 Learn more & explore our sessions: https://t.co/Ev118HFRW8
#PlatformEngineering #PlatformCon25 #ArtifactManagement
QA ≠ Admin
Developer ≠ Release Manager
Strong Pipeline-Based Access Controls (PBAC) rely on separating duties across the pipeline: https://t.co/QYWOjNKCvo
Download a full guide on OWASP’s CI/CD Top 10 risks: https://t.co/77pCbZWUYP
#PBAC #OWASP #CI/CD
Happy to announce grlx is now being built and distributed with @GoReleaser! In addition to our official Alpine packages, we are now offering AUR packages for Arch Linux as an official distribution channel.
.deb and .rpm packages are coming soon on @cloudsmith
Look familiar?
If you’d like a refresher on best practices for tackling Poisoned Pipeline Execution, we’re running through OWASP’s CI/CD Top 10 risks with advice on how to deal with these types of unauthorised executions.
Check out Part 4: https://t.co/kNJYMURVAZ
Download the free guide: https://t.co/i383aZOnMt
Is vibe coding more of a risk than a vibe?
“Without security-aware tooling or policy enforcement, enterprises could end up unknowingly introducing vulnerabilities.” — said Nigel Douglas to The New Stack.
Read more: https://t.co/LHAykOMe41
“We wanted a product that was easy to use and hard to misuse.”
🎥 Listen to our CTO Lee Skillen discuss the mindset behind building for critical use: simple, secure, and cloud-native from day zero.
To help you combat the rise in seemingly harmless malicious packages, we’ve broken down some best practices in Part 3 of the Cloudsmith and OWASP CI/CD Top 10 series on Dependency Chain Abuse.
Read the blog: https://t.co/105trwTIzz
Download the free guide: https://t.co/i383aZOnMt
If you’re looking to reduce exposure from over-permissive roles, stale access, or shared credentials, reviewing identity and access management best practice could make all the difference.
In Part 2 of our OWASP CI/CD Top 10 series, we’re looking at CICD-SEC-2: Inadequate Identity and Access Controls.
Read the blog: https://t.co/U18WjT4Qro
Download the free guide: https://t.co/i383aZOnMt