Latest news with #Cloudsmith
Techday NZ
4 days ago
- Business
- Techday NZ
Nearly half of developers say over 50% of code is AI-generated
Cloudsmith's latest report shows that nearly half of all developers using AI in their workflows now have codebases that are at least 50% AI-generated. The 2025 Artifact Management Report from Cloudsmith surveyed 307 software professionals in the US and UK, all working with AI as part of their development, DevOps, or CI/CD processes. Among these respondents, 42% reported that at least half of their current codebase is now produced by AI tools. Despite the large-scale adoption of AI-driven coding, oversight remains inconsistent. Only 67% of developers who use AI review the generated code before every deployment. This means nearly one-third of those working with AI-assisted code are deploying software without always performing a human review, even as new security risks linked to AI-generated code are emerging. Security concerns The report points to a gap between the rapid pace of AI integration in software workflows and the implementation of safety checks and controls. Attacks such as 'slopsquatting'—where malicious actors exploit hallucinated or non-existent dependencies suggested by AI code assistants—highlight the risks when AI-generated code is left unchecked. Cloudsmith's data shows that while 59% of developers say they apply extra scrutiny to AI-generated packages, far fewer have more systematic approaches in place for risk mitigation. Only 34% use tools that enforce policies specific to AI-generated artifacts, and 17% acknowledge they have no controls in place at all for managing AI-written code or dependencies. "Software development teams are shipping faster, with more AI-generated code and AI agent-led updates," said Glenn Weinstein, CEO at Cloudsmith. "AI tools have had a huge impact on developer productivity, which is great. That said, with potentially less human scrutiny on generated code, it's more important that leaders ensure the right automated controls are in place for the software supply chain." Developer perceptions The research reveals a range of attitudes towards AI-generated code among developers. While 59% are cautious and take extra steps to verify the integrity of code created by AI, 20% said they trust AI-generated code "completely." This suggests a marked difference in risk appetite and perception within developer teams, even as the majority acknowledge the need for vigilance. Across the sample, 86% of developers reported an increase in the use of AI-influenced packages or software dependencies in the past year, and 40% described this increase as "significant." Nonetheless, only 29% of those surveyed felt "very confident" in their ability to detect potential vulnerabilities in open-source libraries, from which AI tools frequently pull suggestions. "Controlling the software supply chain is the first step towards securing it," added Weinstein. "Automated checks and use of curated artifact repositories can help developers spot issues early in the development lifecycle." Tooling and controls The report highlights that adoption of automated tools specifically designed for AI-generated code remains limited, despite the stated importance of security among software development teams. While AI technologies accelerate the pace of software delivery and updating, adoption of stricter controls and policy enforcement is not keeping up with the new risks posed by machine-generated code. The findings indicate a potential lag in upgrading security processes or artifact management solutions to match the growing use of AI in coding. Developers from a range of industries—including technology, finance, healthcare, and manufacturing—participated in the survey, with roles spanning development, DevOps management, engineering, and security leadership in enterprises with more than 500 employees. The full Cloudsmith 2025 Artifact Management Report also explores other key issues, including how teams decide which open-source packages to trust, the expanding presence of AI in build pipelines, and the persistent challenges in prioritising tooling upgrades for security benefits.
Cision Canada
29-05-2025
- Business
- Cision Canada
BOT Consulting forays into global market; expands its Global Delivery Center (GDC) footprint with a new Special Economic Zone (SEZ) facility in Rajasthan
Enabled through a government-backed MoU; the Special Economic Zone (SEZ) facility in Jaipur will create 500+ tech jobs Manpreet Singh, an industry veteran with experience at top global tech firms, will lead BOT's global debut and drive its next-gen GDC vision JAIPUR, India, May 29, 2025 /CNW/ -- BOT Consulting, a next-generation venture studio for Global Delivery Centers (GDCs), has announced its foray into the Indian market with its new SEZ facility in Jaipur. Spread in 2.5 acres, the 250+ seater delivery center at Mahindra World City, Jaipur will create over 500+ high-quality tech jobs in the region. Backed by a Memorandum of Understanding (MoU) with the Government of Rajasthan signed on 10th Nov. 2024, further cements Jaipur's reputation as India's emerging hub for innovation, talent, and digital infrastructure. This expansion forms the foundation for BOT's vision of building sustainable, high-performance delivery ecosystems in Tier 2 cities that are ready for global transformation. As a Venture Studio for GDCs, BOT offers a distinctive model that enables global tech firms to scale in India. Its approach combines the benefits of SEZs, AI-led operations, and a strong values-driven culture to deliver enterprise-grade solutions with the agility of a startup, minus the complexities of traditional outsourcing. Driving this new chapter of growth is Manpreet Singh, a former executive at Salesforce and Wipro, who joins BOT as CEO. With over two decades of experience in building and scaling cloud-tech and consulting GDCs to successful exits, Manpreet brings a culture-first, innovation-forward leadership style that will accelerate BOT's global ambitions. Speaking at the event, Manpreet Singh, CEO, BOT Consulting said, "At BOT, we're not just building delivery centers, we're building ecosystems of talent, culture, and capability that scale with our clients. Our model is designed for speed, resilience, and long-term alignment, and the success of partners like Cloudsmith and Hakkoda is a testament to that vision. As we expand, our focus remains clear: to enable global tech firms to grow with agility, purpose, and impact." "This is not outsourcing. This is asset-building. We're creating modern, scalable delivery centers that are tightly aligned to global companies' cultures and performance goals. Jaipur, with its incredible talent and infrastructure, is ready to lead this global shift. BOT's integrated approach transforms delivery centers from cost-driven extensions into innovation-ready hubs that contribute directly to core business value," he further added. BOT's partners are reporting faster go-to-market outcomes, cultural cohesion, and high levels of operational performance through their India delivery centers. "BOT Consulting has helped accelerate Cloudsmith's growth by establishing a high-performance software engineering and technical support center in Jaipur. Their ability to attract talent and scale up with us have enhanced our operational efficiency and delivered exceptional time-to-value. We are believers in Jaipur emerging as a powerhouse for world-class tech talent. We plan to keep scaling up based on BOT's strong culture and performance," said Glenn Weinstein, CEO of Cloudsmith. Echoing the sentiment, Erik Duffield, CEO of Hakkoda (an IBM Company), added, "BOT Consulting has been a great Global Delivery Center partner in building out our team in Jaipur. Their support has enabled us to build an amazing team with speed and in tune with Hakkoda's culture, training, and structure." BOT's operating model is designed to solve the biggest challenges in global delivery—delays in ramp-up, talent attrition, and misaligned cultures—by embedding agility and ownership from day one. AI-native talent acquisition, intensive onboarding, and robust governance allow operational readiness within weeks. With a high retention rate, driven by a strong emphasis on cultural integration and employee well-being, BOT ensures continuity and quality at scale. Through partnerships with institutions like SKIT and LNMIIT, BOT is also nurturing Rajasthan's next generation of tech professionals, with 25% of its workforce drawn from local engineering colleges. The company's Śrī Initiative, its CSR platform, drives community engagement across education and environmental causes—strengthening the social fabric around its operations and deepening its roots in the region. BOT's emergence is more than a business expansion, it's a strategic blueprint for how global delivery can be reimagined with purpose, precision, and long-term value. About BOT Consulting BOT Consulting is a next-gen GDC venture studio headquartered in India. By combining modern infrastructure, Rajasthan's top talent, and its proprietary operating model, BOT builds scalable, transferable GDCs for global tech firms—with a culture-first approach that ensures low risk, high quality, and rapid time-to-value. Partnered with industry leaders like Hakkoda and Cloudsmith, BOT is redefining Jaipur as the next frontier for innovation.
Yahoo
03-03-2025
- Business
- Yahoo
Cloudsmith Raises $23M Series B to Secure the Future of Software Supply Chains
Oversubscribed Funding Round by TCV and Insight Partners Accelerates Cloudsmith's Global Ambitions BELFAST, Northern Ireland, March 03, 2025--(BUSINESS WIRE)--Cloudsmith, the cloud-native artifact management platform redefining software supply chain security, has raised a $23 million Series B funding round led by TCV, with participation from Insight Partners and existing investors. Cloudsmith is used by enterprises that need control, security, and scalability in their software supply chain, and the company is cementing its position as the modern, developer-friendly, enterprise-scale alternative to legacy artifact management offerings from JFrog and Sonatype. Cloudsmith grew nearly 150% last year, significantly expanding its enterprise customer base by adding Fortune 500 and Global 2000 companies switching to modern artifact management. New capital from this oversubscribed funding round will go towards expanding sales, marketing, and customer success teams, innovation in software supply chain security product features, and investing in AI R&D. Enterprises are racing to secure and control their software supply chain as software threats and compliance pressures mount. Over 90% of a typical enterprise software application is sourced from open-source and third-party code, making binary artifact security as critical as source code scanning. Software supply chain security is now imperative at the CEO level. Developers, Platform Engineering teams, and DevOps teams need to be able to rely on a centralized artifact management platform that can scale across a global enterprise. Cloudsmith's cloud-native platform has proven to be the most scalable solution for providing a standardized, compliance-driven approach to artifact management across hundreds of developer teams using disparate formats, programming languages, and technologies. "Cloudsmith was founded to redefine artifact management, and with this investment, we're accelerating towards our mission at full scale," said Lee Skillen, Cloudsmith's CTO and co-founder. "Alan [Carson] and I remain deeply committed to making Cloudsmith the definitive global leader in software supply chain security." "The way software is built is fundamentally changing, making artifact management mission-critical for developers, cybersecurity professionals, and platform engineers alike," said Glenn Weinstein, Cloudsmith's CEO. "Enterprises need real-time observability, security, and control over their software supply chain. This new investment will help us to keep scaling up to meet the needs of the world's largest and most complex organizations." According to Gartner, 44% of organizations plan to significantly increase spending on supply chain cybersecurity, highlighting the urgent demand for stronger artifact security. Enterprises face mounting pressure to comply with regulations like the U.S. Executive Order on Cybersecurity and the EU's Digital Operational Resilience Act (DORA). These mandates highlight the need for greater visibility, control, and security across the software development lifecycle. In this context, Cloudsmith's fully managed, globally distributed architecture helps engineering teams proactively mitigate risk without slowing down. Enterprise policy management, continuous security scanning, and integrations with third-party software supply chain security tools are making Cloudsmith indispensable for large enterprises. "We believe in Cloudsmith's vision to become the backbone of modern software supply chains," said Morgan Gerlak, Partner at TCV. "Cloudsmith is showing why artifact management is a crucial component of the DevOps toolkit, enabling enterprises to better control, secure, and distribute software. We're excited to support the company in its next phase of growth." Cloudsmith's Belfast headquarters remains the heart of its global operations, with expansion plans across engineering, product, sales, and customer success to support its growing enterprise customer base. Cloudsmith serves a worldwide customer base, with 75% of revenue from U.S.-based customers. Cloudsmith is one of the leading software companies founded in Northern Ireland, strengthening its tech ecosystem and attracting top-tier talent. Existing investors MMC, Frontline, Techstart, Sorenson, Tapestry, and Shasta continued their support, increasing their investments in Cloudsmith as part of this funding round. About Cloudsmith Cloudsmith is the world's best cloud-native, enterprise-ready artifact management platform for securely developing and distributing software. We empower teams to build, deploy, and ship faster with complete control, security, and scalability. For more information, visit About TCV For nearly thirty years, TCV has partnered with global, category-defining technology companies as a leading growth equity investor. Leveraging its deep industry expertise and strategic resources, TCV's mission is to provide long-term capital and support to high-quality management teams across their growth journeys. The TCV Velocity strategy was created as a complement to the TCV Growth strategy to focus on earlier-stage opportunities while leveraging the TCV platform's domain expertise, established network of advisors and tech executives along with the firm's growth acceleration credentials. TCV Velocity targets strategic sectors of the IT economy and aims to identify early-stage businesses demonstrating clear product market fit. Select investments include Arize, Avalor, Grow Therapy, and Legit Security. For more information on TCV Velocity and its investments, visit About Insight Partners Insight Partners is a global software investor partnering with high-growth technology, software, and Internet startup and ScaleUp companies that are driving transformative change in their industries. As of September 30, 2024, the firm has over $90B in regulatory assets under management. Insight Partners has invested in more than 800 companies worldwide and has seen over 55 portfolio companies achieve an IPO. Headquartered in New York City, Insight has offices in London, Tel Aviv, and the Bay Area. Insight's mission is to find, fund, and work successfully with visionary executives, providing them with tailored, hands-on software expertise along their growth journey, from their first investment to IPO. For more information on Insight and all its investments, visit or follow us on X @insightpartners. View source version on Contacts Media Contact Cloudsmith@ Sign in to access your portfolio
BBC News
03-03-2025
- Business
- BBC News
Cloudsmith: Belfast IT firm raises £18m from US investors
Belfast IT company Cloudsmith has raised $23m (£18.2m) from US investors which it will use to grow its workforce and invest in product funding round was led by California-based TCV, whose notable investments include Facebook and was founded by Alan Carson and Lee Skillen who worked for the New York Stock Exchange technology operation in firm's technology lets companies easily update and send software securely around their business using the cloud. It is especially useful for large enterprises with hundreds of teams and thousands of software developers worldwide. 'Backbone' of software supply chains The investment is Cloudsmith's second major fundraising following an £11m deal in helped the company grow from around 20 employees to almost 100 with the aim of getting to 145 this 75% of the firm's revenues come from US-based said: "Alan and I remain deeply committed to making Cloudsmith the definitive global leader in software supply chain security."Morgan Gerlak, partner at TCV, said they invested in the firm as they believed in its vision to "become the backbone of modern software supply chains".New York-based Insight Partners and existing investors also participated in the funding round.
