Cloudsmith, the cloud-native artifact management platform redefining software supply chain security, has secured a $23 million Series B funding round led by TCV, with participation from Insight Partners and existing investors. As enterprises increasingly prioritize security, control, and scalability in their software supply chain, Cloudsmith continues to position itself as a modern, developer-friendly alternative to legacy artifact management solutions from JFrog and Sonatype.
With enterprise software threats and compliance pressures mounting, Cloudsmith has seen rapid growth, expanding its enterprise customer base by nearly 150% last year. Fortune 500 and Global 2000 companies are increasingly adopting its platform to secure and control their software supply chains. The new capital will drive expansion across sales, marketing, and customer success teams, accelerate innovation in software supply chain security, and fund AI R&D initiatives.
Software supply chain security is now a CEO-level priority, as over 90% of enterprise applications rely on open-source and third-party code. Traditional security measures like source code scanning are no longer sufficient—binary artifact security has become mission-critical. Cloudsmith’s fully managed, cloud-native platform provides real-time observability, continuous security scanning, and compliance-driven artifact management at an enterprise scale. By enabling global organizations to standardize security and distribution across hundreds of developer teams using diverse technologies, Cloudsmith is emerging as the most scalable artifact management solution in the market.
“Cloudsmith was founded to redefine artifact management, and with this investment, we’re accelerating towards our mission at full scale,” said Lee Skillen, Cloudsmith’s CTO and co-founder. “Alan [Carson] and I remain deeply committed to making Cloudsmith the definitive global leader in software supply chain security.”
Glenn Weinstein, Cloudsmith’s CEO, echoed this vision: “Enterprises need real-time observability, security, and control over their software supply chain. This new investment will help us to keep scaling up to meet the needs of the world’s largest and most complex organizations.”
As organizations increase their cybersecurity investments—Gartner reports that 44% of enterprises plan to significantly boost supply chain security spending—Cloudsmith’s role in mitigating risk without compromising development speed becomes increasingly vital. Compliance requirements, including the U.S. Executive Order on Cybersecurity and the EU’s Digital Operational Resilience Act (DORA), further reinforce the need for strong artifact security solutions.
Investors recognize Cloudsmith’s strategic role in modern DevOps. “We believe in Cloudsmith’s vision to become the backbone of modern software supply chains,” said Morgan Gerlak, Partner at TCV. “Cloudsmith is showing why artifact management is a crucial component of the DevOps toolkit, enabling enterprises to better control, secure, and distribute software. We’re excited to support the company in its next phase of growth.”
Headquartered in Belfast, Cloudsmith is expanding its engineering, product, sales, and customer success teams to support its growing enterprise base, with 75% of its revenue coming from U.S. customers. The company continues to strengthen Northern Ireland’s tech ecosystem while scaling globally. Existing investors MMC, Frontline, Techstart, Sorenson, Tapestry, and Shasta increased their commitments in this funding round, underscoring their confidence in Cloudsmith’s future.
Leave a Reply