Cloudsmith Ltd, a startup that helps developers manage their software components, has closed a $23 million funding round.
The Series B investment was led by TCV. Cloudsmith disclosed in its funding announcement today that the raise also included the participation of Insight Partners, Shasta Ventures and other institutional backers. The company’s total outside funding now exceeds $40 million.
Most enterprise applications incorporate open-source modules. Those modules range from libraries, code snippets focused on relatively narrow tasks, to entire operating systems. There also other components such as configuration scripts that manage the infrastructure on which an application runs. A program’s open-source modules, configuration files and other building blocks are collectively known as artifacts.
Belfast-based Cloudsmith provides a cloud platform for storing artifacts. It supports dozens of file types ranging from Docker containers to code snippets written in R, a specialized programming language optimized for statistical calculations. Companies can use Cloudsmith to create a kind of internal app store that enables developers to centrally access artifacts.
Software teams can add open-source modules to their internal Cloudsmith environments using a tool called Navigator. According to the company, it automatically ranks open-source projects based on their quality. Navigator measures quality based on factors such as a project’s popularity and whether its code adheres to programming best practices.
Before loading an open-source component, Cloudsmith scans it for vulnerabilities. The platform checks for both malware and known vulnerabilities listed in the CVE exploit database. Cloudsmith pulls information from the CVE database every hour to account for newly added vulnerabilities.
After developers add an open-source component to a Cloudsmith environment, the platform creates a local copy of the downloaded software. This local copy removes the need to download the component from the open-source repository where it’s hosted. As a result, the component remains available to developers even if the upstream repository goes offline or experiences a breach.
Cybersecurity is not the only factor that companies consider before adding third-party code to an application. Some open-source components have licensing restrictions, such as limits on what kind of commercial use is allowed. Cloudsmith provides licensing information about open-source components to help enterprises ensure they comply with usage terms.
According to the company, its platform distributes artifacts to developers using a specialized content delivery network. The network spreads files across more than 600 points of presence to speed up downloads. It also helps reduce outages that might disrupt development projects.
Cloudsmith says that its latest funding round follows a year in which it “grew nearly 150%.” The company added more Fortune 500 enterprises to its installed base and logged a fivefold increase in average deal size.
Cloudsmith will use the new capital to enhance its platform. The effort is set to place particular emphasis on adding new cybersecurity and artificial intelligence efforts. In parallel, Cloudsmith will hire more sales, marketing and customer success teams to support its go-to-market efforts.
Photo: Cloudsmith
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU
