Cloudsmith Reviews & Product Details

Cloudsmith is a Software-as-a-Service (SaaS) platform designed to help organizations manage their software supply chain effectively. It serves as a centralized repository for software dependencies, deployment, and distribution, ensuring that teams can access a single source of truth for their software assets. This platform is particularly beneficial for development teams seeking to streamline their workflows and maintain security across their software stack. Targeted at software development teams, DevOps professionals, and IT organizations, Cloudsmith addresses the complexities of managing diverse software assets. In an era where software development is increasingly collaborative and multi-faceted, the need for a unified solution has never been more critical. Cloudsmith allows teams to manage various asset types seamlessly, enabling them to focus on delivering high-quality software without the burden of juggling multiple tools or platforms. Key features of Cloudsmith include robust dependency management, automated deployment processes, and secure distribution channels. The platform supports a wide range of package formats, making it versatile for different programming languages and frameworks. This flexibility allows organizations to adopt Cloudsmith regardless of their existing technology stack, ensuring that they can scale their operations efficiently. Additionally, the platform's security measures help safeguard the software supply chain, protecting against vulnerabilities and ensuring compliance with industry standards. Cloudsmith also enhances collaboration among team members by providing visibility into the software lifecycle. With detailed analytics and reporting tools, teams can track the status of their software assets, monitor usage patterns, and identify potential issues before they escalate. This proactive approach not only improves the overall quality of software delivery but also fosters a culture of accountability and transparency within development teams. By integrating Cloudsmith into their workflows, organizations can achieve faster software delivery while maintaining control and security. The platform's emphasis on scalability and cost-efficiency ensures that teams can adapt to changing demands without incurring unnecessary expenses. Overall, Cloudsmith stands out in the SaaS landscape by offering a comprehensive solution that empowers organizations to manage their software supply chain with confidence and ease.

Product Website

Seller

Cloudsmith

Languages Supported

English

Product Description

Optimized for distributed teams working at any scale, Cloudsmith is your single source of truth for software assets. Proxy and cache to public upstreams, and use our Zero Trust model to control access to your most valuable IP. When we say we're cloud-native, we mean it. Whether you're deploying artifacts to your distributed teams, or shipping licensed software to your customers, our architecture is optimized for secure, controlled, lightning-fast delivery. Cloudsmith provides a flexible, powerful permissions system, putting you in complete control over who can access software. You can also integrate with your identity provider to control authentication, team membership and manage the lifecycle of your users. With Cloudsmith you can proxy and cache open source dependencies so you can evaluate OSS for threat signals, keeping malicious packages away from your developers and infrastructure. We deliver the performance, scalability and reliability developers demand, no matter where they are in the world. Get your teams out of maintenance mode, and ship without friction.

Overview by

Juliana Kelly

Discussions

Cloudsmith Community

Pricing

Pricing provided by Cloudsmith.

Core

Free

Per Month

View More Pricing Information

Cloudsmith Integrations

(28)

Verified by Cloudsmith

Cloudsmith Media

Cloudsmith Demo - Centralise artifact management with Cloudsmith

The only cloud-native, universal platform that acts as a source of truth for software everywhere. From source to delivery — with complete trust, control, and security.

Cloudsmith Demo - Flexible Artifact Management

Modern tech stacks use multiple languages, frameworks, and tools. Easily manage over 28+ different package and container types.

Cloudsmith Demo - Increase security in your software supply chain

Lower risks across the board, and get complete visibility and control over every single package in your software supply chain.

Cloudsmith is a fully managed, completely cloud-native architecture - built specifically to lower the cost and complexity of software artifact management.

Cloudsmith Demo - Enhanced Observability and Resilience

Powerful cloud-native, global access with controls 100% managed by you, so you can stay ahead of the curve every step of the way.

Performance, scalability and reliability modern dev teams demand, no matter where they are in the world.

Optimized for distributed teams working at any scale, Cloudsmith is your single source of truth for software assets. Get a demo or start your free trial today!

Official Downloads

(2)

edit

Cloudsmith Reviews (39)

G2 reviews are authentic and verified.

Here's how.

Karthik G.

Project engineer

Mid-Market (51-1000 emp.)

11/18/2025

"Unified Artifact Management with Strong Security"

5/5

What do you like best about Cloudsmith?

I highly appreciate Cloudsmith for its simplicity and comprehensive support for all artifact types, including Docker, PyPI, npm, and even raw files, which eliminates the need to juggle multiple registries and thereby reduces complexity and increases efficiency. The platform's cloud-native, fully managed nature functions as a centralized hub for securing, controlling, and distributing software assets globally. Moreover, Cloudsmith's built-in security features, such as automatic vulnerability scanning, license checks, and policy enforcement, impressively eliminate the need for additional tools, ensuring robust protection against supply-chain security risks. I am also highly satisfied with the universal format support provided by Cloudsmith, accommodating over 30 different formats, simplifying artifact management, and improving visibility by consolidating scattered artifacts into a single, easy-to-access repository. The CDN-backed delivery network augments this by ensuring speedy and reliable access to artifacts on a global scale. Overall, Cloudsmith addresses fragmented artifact management issues by offering an integrated solution that greatly enhances the modern software delivery and DevOps processes. Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

I find the pricing model of Cloudsmith problematic. The pricing is based on bandwidth and storage, which can become expensive for teams with large artifacts or frequent downloads. Additionally, there’s a lack of personal experience with setup and usage due to the SaaS model, which may imply a non-intuitive onboarding process or lack of clarity in its native integrations. Review collected by and hosted on G2.com.

Verified User in Computer & Network Security

Small-Business (50 or fewer emp.)

9/26/2025

"The Swiss Army Knife Platform to manage dependencies"

4/5

What do you like best about Cloudsmith?

We use Cloudsmith for several purposes, including as an artifact repository and as a private Helm Chart repository. Integrating Cloudsmith with our pipelines has been very straightforward, and its Helm Chart repository feature allows us to securely and easily provide our charts to customers. We push and pull our built artifacts to Cloudsmith daily, and so far, we have not experienced any issues or downtime.

Up until today, I have never had to interact with the customer support, because I didn't need to. Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

Although the web UI is easy to use, I sometimes get the sense that something isn't quite right. I'm not a web designer, so I can't identify exactly what feels off. Review collected by and hosted on G2.com.

What problems is Cloudsmith solving and how is that benefiting you?

Cloudsmith helps us address two main challenges: sharing specific artifacts with customers after they have been built in our pipeline, and distributing private Helm charts to our clients. Both of these issues are effectively resolved due to the seamless integration between our CI system and Cloudsmith. Review collected by and hosted on G2.com.

Response from Glenn Weinstein of Cloudsmith

edit

We're thrilled to hear you're able to rely on Cloudsmith as the backbone of your software supply chain - both internally and to external customers! We've worked hard on the "new" web UI and would love to take any feedback that we can use to make it better :)

Ernesto L.

Principal Software Engineer

Mid-Market (51-1000 emp.)

7/8/2025

"Cost effective and easy to integrate"

5/5

What do you like best about Cloudsmith?

We've been using Cloudsmith to host our private Conan recipes and packages and it's been working great. We compared including JFrog but found Cloudsmith to be the most cost-effective for our needs.

It was easy to integrate into our existing workflows and ubiquitious once setup.

We had to reach out to support for an issue that arised from a particular use case we had for Cloudsmith and they were prompt to respond and have been keeping us updated through its resolution. Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

We have been using it for about 8 months now and have not had any issues with Cloudsmith that would make us dislike it. Review collected by and hosted on G2.com.

Response from Paul McKeever of Cloudsmith

edit

Hey Ernesto,

Thanks so much for taking the time to write a thoughtful review. So nice to hear things your Conan registry is working out well 💪

Support is super important to us here - we never want our users to be blocked. Please keep in touch, and if you have any feedback or suggestions they are always welcome.

Verified User in Computer Software

Mid-Market (51-1000 emp.)

7/16/2025

"Easy to use artifact storage"

4/5

What do you like best about Cloudsmith?

What I like best about Cloudsmith is its support for a wide range of package formats like Docker, RPM, DEB, and more — it’s incredibly versatile and saves us time managing multiple repositories. I also really like the new web app; it's clean, modern, and intuitive to use, which makes everyday tasks much easier and more efficient.

On top of that, having a direct Slack channel with the Cloudsmith developers has been incredibly helpful, their responsiveness and willingness to assist make a big difference. Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

For the way I’ve used Cloudsmith so far, I’ve identified a few areas that could be improved:

• Intermittent CI/CD install failures – our pipelines sometimes fail when adding repositories; a simple re‑run usually succeeds, but the flakiness costs time.

• New web‑app usability – there’s no “select all packages on this page” option, and for DEB / RPM packages the target distribution and architecture aren’t immediately visible (both these were available in the old web-app).

• Bulk deletion via API – it would be much handier to delete packages in groups instead of having to specify each one individually.

• openSUSE repo re‑installation – reinstalling a repository that already exists fails on openSUSE, whereas the same action works on RHEL and Debian/Ubuntu.

• Distinct RPM icons – SLES and RHEL packages use the same logo; separate icons would make them easier to tell apart.

• Multi‑platform Docker copies – when copying a multi‑platform Docker image from one repo to another (via API or UI), only the primary image gets copied; the additional ones are left behind. Review collected by and hosted on G2.com.

Response from Glenn Weinstein of Cloudsmith

edit

That's great feedback on Cloudsmith's web app & format support, as well as our communications via Slack - thanks! The review was posted anonymously, but I wanted to let you know our team is going through the improvement suggestions point-by-point, and we'd love to dig in further (on the pipeline failures, the openSUSE repo reinstalls, and the multi-platform Docker copies). We've also got open feature requests logged for the "select all packages" and "bulk delete via API" ideas. We're all ears and I promise we'll do everything we can to deliver on this list!

Ryan L.

Lead developer

Small-Business (50 or fewer emp.)

7/10/2025

"Best of the bunch"

3/5

What do you like best about Cloudsmith?

Cloudsmith provides a simple UI to configure multiple internal and external repositories for various projects and repository types. We have some configured for our internal development uses and others for distributing artefacts and container images to customers.

We moved to Cloudsmith from Sonatype Nexus repository OSS to gain support and move to a hosted solution. The onboarding was simple, and it was easy to get our CI pipelines integrated with the service.

I particularly liked that Cloudsmith can handle the signing of RPMs, which previously was cumbersome and prone to breaking in our automated pipelines.

The ability to throttle and limit individual entitlement tokens has also been a key tool for us. Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

When we first started using Cloudsmith, on paper it seemed like it ticked a lot of boxes, with security scanning, audit logging and it would allow us to simplify all our disparate repository services into one. As we are a small ISV, we opted for the Pro plan, as $700 per month to host some artefacts seemed like a silly amount of money. We understood the usage-based limits of our plan; however, we quickly realised that many of the features we liked about Cloudsmith also required the next tier plan. Even things as simple as audit logs to identify excessive bandwidth use.

Unfortunately, looking at the cost of artefact management solutions, it seems that this pricing is the norm. Whilst we like what Cloudsmith offers, the value for money doesn't quite stack up in the way it is currently priced. Review collected by and hosted on G2.com.

Response from Glenn Weinstein of Cloudsmith

edit

Thanks Ryan for the valuable feedback - we're so glad Cloudsmith has proven to be a useful alternative to Sonatype Nexus. RPM signing and entitlement tokens are two deceptively powerful features and it's a thrill to hear how much value they're providing for your team.

Saima H.

Sr. Manager, DX

Enterprise (> 1000 emp.)

7/8/2025

"Ease of use"

4/5

What do you like best about Cloudsmith?

We chose it for its strong supply chain security, especially its protection against dependency confusion and package tampering. Our teams appreciate the visibility into package usage, automated policy enforcement, and centralized artifact management, all of which supported internal compliance and developer experience. Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

There is some toil and operational overhead with Cloudsmith, including:

Manual steps required for initial rollout and configuring coverage across all services and the usage dashboards are not as detailed as we would have liked Review collected by and hosted on G2.com.

What problems is Cloudsmith solving and how is that benefiting you?

It has helped to simplify our internal compliance through license checks/policy enforcement & has improved developer velocity by giving teams a single, managed registry for both internal and third-party packages. This reduces friction in our CI/CD workflows and makes it easier to control what goes into our prod environment. Review collected by and hosted on G2.com.

Response from Glenn Weinstein of Cloudsmith

edit

That's great feedback, thanks Saima :) We're investing a lot of time & effort into improving our observability suite generally, so I hope we can eventually provide the kind of detailed usage dashboards you're looking for.

We've also built a lot of additional Customer Success resources over the past 12-18 months to assist new customers with initial rollout and configuration, so hopefully future customers can benefit from our collective learnings!

Good luck with Cloudsmith and reach out anytime at ceo@cloudsmith.com or on Slack.

Greg T.

Staff Platform Engineer

Mid-Market (51-1000 emp.)

7/8/2025

"Simple, Reliable Package Management"

5/5

What do you like best about Cloudsmith?

Cloudsmith is easy to set up, reliable, and supports multiple package formats in one place. The UI and CLI are both intuitive, and it fits nicely into our CI/CD pipelines Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

Pricing can become a bit expensive at scale, especially with lots of artifacts, but overall the value is still strong. Review collected by and hosted on G2.com.

Response from Paul McKeever of Cloudsmith

edit

Hey Greg,

Thanks for taking the time to share your feedback with us.

Developer experience (and automation) is something we care about deeply, and I'm glad the integration into your pipelines was smooth.

Appreciate the point you're making on pricing....on-demand charges are definitely more expensive so we offer custom annual plans for when usage scales.

Thanks again for trusting us with your Maven packages, and I appreciate you choosing us as a partner.

Verified User in Retail

Enterprise (> 1000 emp.)

7/1/2025

"Very powerful artifact manager - near perfect enterprise ready solution"

4.5/5

What do you like best about Cloudsmith?

There is a huge amount of details to like, but on top of my list is definitely the extensive API side by side with the Terraform support.

This is closely followed by a documentation which is not only easy to use and has up to date content, but also has live action API integration, so no guesswork is needed to puzzle together curl commands as you can even test it directly from the documentation and will have a fully working query easy to copy and paste into your own scripts as required.

Combined with an easy to use interface and a very approachable support I would recommend it anytime! Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

There is one thing missing for perfection: Custom user roles.

If it would be possible to assign users individual rights on specific areas, such as adding upstreams from a curated whitelist, or creating entitlement tokens or even OIDC entries, this would require far less administrative work. Review collected by and hosted on G2.com.

Response from Paul McKeever of Cloudsmith

edit

Appreciate the positive feedback.

Great to hear rollout has been easy and that you’ve been automating things with the API and Terraform!

I’ve noted your feedback on custom user roles, and will be sure to share the need for more granular permissions with the wider team. Thanks again for choosing Cloudsmith.

Paul M.

CISO

Mid-Market (51-1000 emp.)

7/8/2025

"Great ease of use, download stats a bit lacking"

4/5

What do you like best about Cloudsmith?

Cloudsmith works really well for us as a multi-format repository. We store a mixture of docker images, RPMs, linux binaries in there for distribution to our customers. The customer token provisioning works well enough, and the API is pretty useful Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

The download stats for Docker images aren't the best. They're per layer, and it makes it hard to work out what images customers are pulling. This makes our customer success team work harder than they need to. Review collected by and hosted on G2.com.

Response from Paul McKeever of Cloudsmith

edit

Hey Paul,

Great to hear Cloudsmith is working out well for your docker images, RPMs and other binaries. Software distribution is a really common use case for Cloudsmith so it's genuinely nice to hear things are working well.

I'm sorry to hear your colleagues have been having impacted by the download stats we offer.

Tracking consumption of downloads when sometimes we only deliver a single layer is definitely more complex than with other artifact types like RPMs.

But...we can (and will) do better here in future. I totally understand your frustration and will make sure this is flagged with our wider product and engineering teams.

Thanks again for trusting us with your software artifacts and please keep the feedback coming :)

Verified User in Real Estate

Mid-Market (51-1000 emp.)

1/2/2024

"Decent partner"

3.5/5

What do you like best about Cloudsmith?

We use Cloudsmith for hosting our Dart/Flutter packages. So far the platform is stable and gives us everything we need. Both sales and customer support are very approachable and do a great effort to understand our situation and they come with good solutions for our problems. Review collected by and hosted on G2.com.

What do you dislike about Cloudsmith?

We ran into a small issue where the Dart/pub handling seems to be a bit different compared to pub.dev in case of pushing the same version of a package twice. However support provided a workaround and development is looking into a potential solution as well. Review collected by and hosted on G2.com.

Response from Glenn Weinstein of Cloudsmith

edit

Thanks for the review! We've worked hard to provide a fully managed Dart repository to our customers, and it's great to hear your positive feedback on working with our sales & support teams.