Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
Belfast, Northern Ireland-based software supply chain management startup Cloudsmith today announced that it closed a $15 million series A funding round led by Tiger Global, with participation from Shasta, Amaranthine, Sorenson, Leadout Capital, Frontline, MMC, and Techstart. The infusion brings the company’s total raised to over $17 million and will be used to expand Cloudsmith’s workforce from 17 employees to 60 in the next year, particularly its U.S.-based sales and data engineering teams.
Cloudsmith cofounders Alan Carson and Lee Skillen met 12 years ago while working for the New York Stock Exchange. They started a software business together in 2012 and built the platform that became Cloudsmith to address the package management and software distribution challenges that they encountered at that first startup.
“Cloudsmith’s goal is to secure the software supply chains for companies … [We’re] a centralized pane of glass for an organization’s software supply chain, from trusted sources right through to delivery,” Carson told VentureBeat via email. “Cloudsmith’s goal is to secure the software supply chains for companies. With [our] platform, engineers can set up a secure, cloud-native repository in just 60 seconds.”
In software, a package is a collection of files, along with information about those files. Package management has traditionally been on-premises, forcing businesses to spend a significant amount of money to use datacenters to send software around the organization — and clients. Cloudsmith’s platform aims to solve this by helping organizations distribute software without the need for local datacenters and the costs associated with them.
“While package management is by no means a new or flashy software space, it is a critical component of the software development lifecycle,” Vidya Raman, principal at investor Sorenson Ventures, said in a statement. “That’s where Cloudsmith’s continuous packaging platform has come in and continues to lead that market.”
Cloudsmith can also automatically scan for security vulnerabilities, helping businesses avoid introducing exploits into their software supply chains. As Raman notes, the security of software supply chains is a major issue around the world, with President Joe Biden issuing an executive order in May that ordered the federal government to improve the security of its own supply chain.
“The need for both cloud-native software development and secure software supply chains has resulted in the need to reinvent package management … It is in the new world that Cloudsmith truly shines,” Carson added.
Cloudsmith — which sees JFrog, Sonatype Nexus, PackageCloud, and Gemfury as competitors — claims to have customers across Europe, the U.S., the Middle East, and Australia, including the Internet Systems Consortium, Carta, and Font Awesome. U.S.-based companies now make up 60% of the five-year-old startup’s revenues.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.