Key Takeaways

  1. Cloudsmith raised €61.5 million (about 72 million dollars) in a Series C round led by growth investor TCV, with Insight Partners joining as a returning backer.
  2. The Belfast-based artifact management platform will use the funding to control and secure AI-driven software supply chains as enterprises adopt AI coding agents at scale.
  3. The round comes roughly one year after Cloudsmith’s $23 million Series B and brings total funding to about $124 million, marking one of the largest tech raises in Northern Ireland.
  4. Cloudsmith supports 30 plus package formats, containers, and AI or ML models, targeting Fortune 500 and Global 2000 customers that are replacing legacy tools.

Quick Recap

Cloudsmith, the Belfast-founded cloud-native artifact management platform, has closed a €61.5 million (72 million dollars) Series C round to secure AI-powered software supply chains. The financing is led by TCV with participation from Insight Partners and other existing investors, and was announced via the company’s official press communications and amplified by EU-Startups on X as breaking funding news. The fresh capital will fuel product development and go-to-market expansion as enterprises rush to govern software built increasingly by AI coding agents.

AI supply chains move to the front line

Cloudsmith positions itself as a universal, cloud-native artifact management layer that gives engineering and security teams fine-grained control over every software package, container image, and AI model moving through their pipelines. As AI coding agents generate code and dependencies at high velocity, enterprises face an expanding attack surface made up of open source libraries, internal components, and third-party packages that must be tracked, signed, and policy-enforced.

Cloudsmith’s platform supports more than 30 formats and enforces security and compliance policies across environments, effectively acting as a control plane for the AI-driven software supply chain. The $72 million Series C, led by TCV with Insight Partners returning, follows a $23 million Series B barely a year earlier, signalling strong investor conviction in the company’s trajectory.

Cloudsmith plans to deploy the capital into expanding security, compliance, and automation features, while scaling sales and customer success to meet rising demand from Fortune 500 and Global 2000 organisations that are replacing legacy artifact tools. Executives and backers frame the company as critical infrastructure for “AI-ready” enterprises that must prove their software is secure by design to regulators and boards.

Why this raise matters now?

The timing of Cloudsmith’s Series C aligns with an inflection point in AI adoption, where generative AI and autonomous coding agents are shifting from experiments to production across large enterprises. As these systems increase software output, organisations can no longer rely solely on manual code review and perimeter security, and are instead elevating supply chain controls to a board-level priority.

Regulators are also moving toward stricter expectations on software bills of materials, provenance, and AI model governance, which favours platforms that centralise artifact visibility and policy enforcement. Cloudsmith competes in a space long dominated by vendors such as JFrog and Sonatype, but distinguishes itself with a cloud-native, single-tenant architecture and a focus on being “AI-ready” for modern pipelines.

For Northern Ireland’s tech ecosystem, the deal is notable as one of the largest funding rounds ever raised by a local software company, potentially setting a benchmark for future deep tech and cybersecurity fundraising in the region.

Competitive landscape

While Cloudsmith is not a model, its platform directly competes with modern artifact and software supply chain solutions such as JFrog Artifactory and Sonatype Nexus, which are increasingly pulled into AI-era security conversations. The table below frames those platforms using AI-development-relevant dimensions like support for model artifacts and automation features.

Feature/MetricCloudsmith (Subject)JFrog Artifactory (Competitor A)Sonatype Nexus (Competitor B)
Context WindowControls storage and distribution of AI models and packages across pipelines, acts as external context store for AI agents via APIs. Stores and serves binaries and containers used by AI workloads, integrates with CI or CD tools for artifact retrieval. Manages open source and internal components consumed by AI pipelines, with policy-driven repository access. 
Pricing per 1M TokensNot priced per token, typically subscription based on usage tiers and enterprise scale. Not token-based, licence or subscription based on nodes, features, and usage. Not token-based, commercial editions priced by seats and deployment scope. 
Multimodal SupportSupports 30 plus package types, containers, and AI or ML model artifacts in a single cloud-native platform. Supports diverse binaries and container images, extensible for ML artifacts via repositories. Focused on software components and repositories, with integrations for containers and some ML workflows. 
Agentic CapabilitiesProvides APIs and policy engines that AI coding agents can query to fetch, verify, and promote artifacts with automated guardrails. Integrates with CI or CD agents and automation scripts for build, scan, and promotion workflows. Emphasises automated policy enforcement and vulnerability blocking within DevSecOps pipelines. 

In practical terms, Cloudsmith appears to lean hardest into AI-era requirements such as first-class support for model artifacts and cloud-native policy enforcement, while JFrog and Sonatype retain strong positions with broad legacy install bases and deep DevSecOps integrations. While Cloudsmith may “win” on AI-focused design and cloud delivery, JFrog and Sonatype still offer compelling value for organisations prioritising long-standing ecosystem integrations and established governance workflows.

TechnoTrenz’s Takeaway

In my experience, this kind of rapid follow-on round, barely a year after a sizeable Series B, is a strong signal that both customers and investors are seeing real traction, not just AI hype. I think this is a big deal because AI-generated software is quietly creating a new security perimeter, and whoever owns the artifact control plane is well placed to become indispensable infrastructure.

I generally prefer companies that are born in the cloud rather than retrofitted, and Cloudsmith fits that pattern with a platform that looks tuned for scale and compliance-heavy buyers. From a funding and adoption lens, I see this Series C as clearly bullish for Cloudsmith and for the broader AI supply chain security segment, with downstream benefits for enterprises that need to move fast on AI without losing control of what actually ships to production.

Add Techo Trenz as a Preferred Source on Google for instant updates!
google-preferred-source-badge

Sources

Barry Elad
(Senior Writer)
Barry loves technology and enjoys researching different tech topics in detail. He collects important statistics and facts to help others. Barry is especially interested in understanding software and writing content that shows its benefits. In his free time, he likes to try out new healthy recipes, practice yoga, meditate, or take nature walks with his child.
Related
Guide

EdTech Companies

Metaverse Companies

Cybersecurity Companies

3D Printing Companies
Statistics

Xpeng Statistics

Gordon Murray Automotive Statistics

MAN Statistics

Geely Statistics

Mazda Statistics