Cloudsmith unveils Advanced Observability Suite for artifact management

Nov. 27, 2024
The suite provides detailed visibility into artifact usage, helping teams understand consumption patterns.

Cloudsmith, a cloud-native artifact management platform, today announced the release of its new Advanced Observability Suite, offering artifact management for modern software delivery pipelines and providing actionable insights into artifact usage, security, and compliance.

The modern software pipeline is built on a vast, interconnected web of dependencies, spanning open-source libraries, third-party packages, and proprietary code. With open-source components making up over 90% of today’s applications and codebases averaging 500 direct and indirect dependencies, managing this growing complexity is a critical part of navigating security and compliance challenges effectively.

The new Observability Suite provides comprehensive and actionable insights into software artifacts by identifying policy violations, tracking quarantined software packages, and monitoring the overall health and compliance of repositories. In addition to security risks, the suite provides detailed visibility into artifact usage, helping teams understand consumption patterns—such as identifying underutilized artifacts or determining where resources can be reallocated—and align artifact management with business goals. 

All artifact data is centralized within the Cloudsmith platform, streamlining management and enhancing transparency throughout the software supply chain.

The release is part of a comprehensive web application update, backed by Cloudsmith’s robust platform APIs. This provides seamless automation and future-proof integration, along with a more user-friendly interface for enterprise-scale operations.

Responding to growing compliance pressure

Regulatory compliance has come into the spotlight recently as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Federal Bureau of Investigation (FBI) have set a January 2026 deadline for software manufacturers to adopt secure-by-design practices. Cloudsmith’s observability suite equips organizations with the visibility needed to meet evolving compliance demands, ensuring they can identify and mitigate vulnerabilities across their software supply chains.

Bridging the gap between security and development

Security and DevOps teams have often struggled to align their priorities, with CISOs enforcing rigorous security measures while development teams prioritize speed. Cloudsmith’s observability capabilities bridge this divide, empowering CISOs to take control by providing insights into artifact usage and helping to identify usage spikes and security risks. This enables proactive and collaborative security management without sacrificing development velocity, allowing teams to innovate with confidence. 

“We’re excited to introduce our refreshed web application alongside Cloudsmith’s Advanced Observability suite, a positive step forward in addressing modern developer challenges. With these tools, teams can monitor usage, track consumption patterns over time, and gain actionable insights all within our platform. These enhancements mean less time spent managing artifact repositories and more time focused on building and innovating,” said Paul May, Senior Director of Product and Design at Cloudsmith.

“The launch reflects our ongoing commitment to modern artifact management and ensuring that developers have the best user experience possible, now and into the future. And by surfacing actionable information through our Observability Suite, including the number of policy violations and the status of quarantined artifacts, teams can proactively mitigate security risks and optimize resource allocation.”

Key features and benefits of Cloudsmith’s Advanced Observability Suite include:

  • Detailed usage analytics: Gain a clear picture of artifact consumption patterns over time, presented through rich dashboards and tailored reports.
  • Security and compliance insights: Consolidate policy violations, vulnerability and license data, and package security scanning results, giving organizations a clear and actionable overview of their risk posture. 
  • Monitoring alerts: Receive notifications for usage activities and policy violations to ensure critical information reaches the right people at the right time.

“Cloudsmith’s analytics and alerts are instrumental in helping us manage our usage more effectively and plan for increases in demand for software artifacts,” said Dave Bresci, Senior Manager, Site Reliability Engineerat PagerDuty. “We can catch unexpected spikes in artifact consumption, improving our security posture and avoiding usage surprises at the end of the month.”