Cloudsmith, the cloud-native artifact management platform redefining software supply chain security, has raised a $23 million Series B funding round led by TCV, with participation from Insight Partners and existing investors.
Cloudsmith is used by enterprises that need control, security, and scalability in their software supply chain, and the company is cementing its position as the modern, developer-friendly, enterprise-scale alternative to legacy artifact management offerings from JFrog and Sonatype.
Cloudsmith grew nearly 150% last year, significantly expanding its enterprise customer base by adding Fortune 500 and Global 2000 companies switching to modern artifact management. New capital from this
oversubscribed funding round will go towards expanding sales, marketing, and customer success teams, innovation in software supply chain security product features, and investing in AI R&D.
Enterprises are racing to secure and control their software supply chain as software threats and compliance pressures mount. Over 90% of a typical enterprise software application is sourced from open-source and third-party code, making binary artifact security as critical as source code scanning.
Software supply chain security is now imperative at the CEO level. Developers, Platform Engineering teams, and DevOps teams need to be able to rely on a centralized artifact management platform that can scale across a global enterprise. Cloudsmith’s cloud-native platform has proven to be the most scalable solution for providing a standardized, compliance-driven approach to artifact management across hundreds of developer teams using disparate formats, programming languages, and technologies.
"Cloudsmith was founded to redefine artifact management, and with this investment, we’re accelerating towards our mission at full scale," said Lee Skillen, Cloudsmith’s CTO and co-founder. "Alan [Carson] and I remain deeply committed to making Cloudsmith the definitive global leader in software supply chain security."
“The way software is built is fundamentally changing, making artifact management mission-critical for developers, cybersecurity professionals, and platform engineers alike,” said Glenn Weinstein, Cloudsmith’s CEO. “Enterprises need real-time observability, security, and control over their software supply chain. This new investment will help us to keep scaling up to meet the needs of the world’s largest and most complex organizations.”
According to Gartner, 44% of organizations plan to significantly increase spending on supply chain cybersecurity, highlighting the urgent demand for stronger artifact security. Enterprises face mounting pressure to comply with regulations like the U.S. Executive Order on Cybersecurity and the EU’s Digital Operational Resilience Act (DORA). These mandates highlight the need for greater visibility, control, and security across the software development lifecycle. In this context, Cloudsmith’s fully managed, globally distributed architecture helps engineering teams proactively mitigate risk without slowing down. Enterprise policy management, continuous security scanning, and integrations with third-party software supply chain security tools are making Cloudsmith indispensable for large enterprises.
“We believe in Cloudsmith’s vision to become the backbone of modern software supply chains,” said Morgan Gerlak, Partner at TCV. “Cloudsmith is showing why artifact management is a crucial component of the DevOps toolkit, enabling enterprises to better control, secure, and distribute software. We’re excited to support the company in its next phase of growth.”
Cloudsmith’s Belfast headquarters remains the heart of its global operations, with expansion plans across engineering, product, sales, and customer success to support its growing enterprise customer base. Cloudsmith serves a worldwide customer base, with 75% of revenue from U.S.-based customers. Cloudsmith is one of the leading software companies founded in Northern Ireland, strengthening its tech ecosystem and attracting top-tier talent.
Existing investors MMC, Frontline, Techstart, Sorenson, Tapestry, and Shasta continued their support, increasing their investments in Cloudsmith as part of this funding round.