Cloudsmith raises £53m to secure AI-driven software supply chains with artifact management
This article covers Cloudsmith, a SaaS startup, raising £53m in a growth funding round to accelerate product development and expand go-to-market capabilities. The funding will help the startup scale its cloud-native artefact management platform to support engineering teams and enterprise customers facing higher artefact volumes and compliance requirements as AI-generated code becomes more prevalent.
Cloudsmith has raised £53 million in a growth funding round to accelerate product development and expand go-to-market capabilities; the company says the money will help it scale its cloud-native artifact management platform as software development increasingly uses AI-generated code.
Why it matters
Software development is shifting fast. AI agents are generating, assembling and deploying code at a speed that makes manual review impractical, expanding the number and complexity of software artifacts organisations must manage. That growth enlarges the attack surface across open source libraries, internal packages and third-party dependencies, and increases regulatory and compliance pressure on enterprises.
Cloudsmith positions artifact management as a control point for governance, security and compliance across the development lifecycle. For engineering teams replacing older tools, a platform that can store, move and enforce policies across package formats and environments matters because it sits between fast-moving development processes and enterprise risk exposure.
Inside the product
Cloudsmith offers a cloud-native artifact repository that handles multiple package formats and deployment environments. The platform emphasises visibility, access controls and governance workflows designed to track how software components are stored and consumed. The company highlights use cases where teams integrating AI coding agents use Cloudsmith to provide guardrails and enforce policies across software supply chains, and says many existing customers — including Fortune 500 and Global 2000 firms — are upgrading to its platform to cope with higher artifact volumes.
Who are the investors?
Who are the investors?
The round is led by TCV, with participation from Insight Partners. TCV previously led Cloudsmith’s Series B and has increased its exposure with this latest financing. Both investors frame the investment as a bet on infrastructure that provides compliance, control and security for AI-driven software development.
In the announcement, Morgan Gerlak, Partner at TCV, said:
Having led Cloudsmith’s Series B and now its Series C, TCV is proud to deepen our partnership with a company we see as defining artifact management for the AI era. As AI shapes the software supply chain, we believe Cloudsmith is uniquely positioned to become a platform enterprises rely on for compliance, control, and security at global scale.
In the announcement, Thomas Krane, Managing Director at Insight Partners, said:
In an era increasingly defined by AI-driven development, securing the software supply chain is critical. As a cloud-native offering, Cloudsmith is well-positioned to do this - providing the scale and reliability needed to help power enterprise and AI-driven builds and mitigate emerging risks. We believe in Cloudsmith’s vision to secure the software supply chain by serving as a curated, AI-ready solution for enterprises of all sizes.
If you're researching potential backers in this space:
- Explore our list of saas venture capital firms in the UK
- Browse our directory of saas angel investors in the UK
Founder perspective
Cloudsmith’s chief executive, Glenn Weinstein, frames the company’s role around the rise of AI agents in development and the need for enterprise-level governance.
In the announcement, Glenn Weinstein, CEO at Cloudsmith, said:
Cloudsmith is the only platform built for the way software is being developed today - by AI agents. We're never going back to hand-crafted software. AI agents generate so much software, so fast, it's nearly impossible for humans to carefully review it all. Cloudsmith has the scale, and the broad view across the open-source ecosystem, to protect enterprises against the new kinds of threats that AI-driven development introduces. TCV and Insight Partners both recognise this profound shift, and their backing is helping Cloudsmith scale up for the massive wave of adoption of AI agents across enterprise software teams.
Weinstein’s comments echo the product positioning: as artefact volumes rise, teams need mechanisms to enforce policy and maintain speed without sacrificing oversight.
The bigger picture
The financing reflects continued investor appetite for infrastructure that supports secure, compliant software delivery as AI-driven development becomes mainstream. For SaaS startups offering developer-facing infrastructure, the combination of higher artifact volumes and rising dependency attacks creates clearer commercial pathways to enterprise contracts.
Cloudsmith’s growth claim — upgrades from large enterprise customers and rising artifact volumes driven by AI — aligns with a wider market trend: organisations are investing more in tools that provide automated governance and visibility across software supply chains. The deal also underlines that both US growth investors and buy-and-build funds remain active in cross-border bets on developer infrastructure.
This funding round ties into broader UK and European debates about digital resilience and supply chain security as regulators and enterprises push for stronger software governance. As AI changes how code is produced, expect more deals targeting tooling that can bridge fast development and enterprise control.
They've invested in Cloudsmith
Get to know these saas investors
Click here for a full list of 7,589+ startup investors in the UK