Shows
DevEx UnpackedScaling People, Not Just Headcount: How HR Builds Culture at a Remote-First Startup#009: In this episode of DevEx Unpacked, Cloudsmith’s Chief Strategy Officer Alan Carson chats with Kerry Boden, HR Manager and the force behind scaling Cloudsmith during its explosive growth. Kerry shares her journey from linguistics to HR leadership, her experience joining a 35-person startup, and how she helped grow the company to nearly 90 employees across four continents.Learn how Cloudsmith balances rapid hiring with culture fit, how remote onboarding can actually outperform in-office programs, and the secret sauce behind keeping employees connected, even when they’re thousands of miles apart.From the magic of o...2025-06-1945 minDevEx UnpackedMastering Customer Success at Cloudsmith with Dave McConville#008: In this episode of DevEx Unpacked, host Alan Carson sits down with Dave McConville, a customer success powerhouse at Cloudsmith, to explore what it truly takes to build lasting customer relationships in a complex, fast-growing tech company. Dave shares his candid journey from aspiring software engineer to technical writer, scrum master, and ultimately, the go-to guy for making customers successful.With humour and deep insight, Dave unpacks the realities of artifact management, navigating curveballs post-sale, and the critical role of empathy, transparency, and trust in building partner-like relationships with customers. He discusses the ea...2025-06-1248 minDevEx UnpackedEngineering at Scale with Ronan O'Dulaing: Culture, Chaos, and the Craft of Building World-Class Teams#007: What does it take to scale a world-class engineering team? In this episode of DevEx Unpacked, Alan Carson sits down with Ronan O'Dulaing, seasoned engineering leader and VP of Engineering at Cloudsmith, to explore the strategies behind hiring top-tier talent, structuring growing teams, and building psychologically safe, remote-first cultures. Ronan shares battle-tested lessons from Silicon Valley to Belfast, offering candid insights on what it really means to lead with authenticity, manage chaos, and foster sustainable pace in high-growth environments. Whether you're a founder, CTO, or engineering leader, this episode is packed with actionable advice on rec...2025-06-0552 minDevEx UnpackedNaval Aviator to SaaS CEO: Glenn Weinstein on Leadership, Scaling, and Serving Developers#006: In this episode of DevEx Unpacked, Cloudsmith co-founder Alan Carson sits down with CEO Glenn Weinstein for a deep dive into leadership, growth, and developer-first thinking. Glenn shares his journey from programming on a Commodore PET to founding and selling a startup, his lessons from Twilio, and what drew him to lead Cloudsmith. The two discuss what it takes to build a category-defining company from Belfast, navigating VC funding, and how values like resilience, clarity, and service drive long-term success.A must-listen for founders, tech leaders, and anyone scaling with purpose. (0...2025-05-2948 min
Live Into Your BrillianceHe Manifested Millions, a Wife, and a Dream Home — But Not How You Think | Alan CarsonAlan Carson is the co-founder and former CEO of Cloudsmith—one of Northern Ireland’s most successful tech startups—but in this conversation, we don’t talk venture capital or product roadmaps.Instead, Alan opens up about the inner shifts that powered the outer success: quiet belief, listening to your soul’s nudges, and showing up long before the external proof ever arrives. This is the kind of manifestation most people don’t talk about—the kind rooted in resilience, mindset shifts, and gritty daily action.Alan shares the practices, setbacks, and surprising manifestations that shaped both hi...2025-05-271h 02DevEx UnpackedSupport to Solutions: Ciara Carey on Secure DevOps, Rego Policies & Growing with Cloudsmith#005: In this episode of DevEx Unpacked, Alan Carson chats with Ciara Carey, Solutions Engineer at Cloudsmith, about her career journey from developer to DevRel to her current customer-facing role. Ciara shares real-world insights on software supply chain security, how teams are using Enterprise Policy Management (EPM) to control open source risk, and why Cloudsmith’s cloud-native platform is a game changer for DevSecOps workflows. You’ll also hear stories about support chats, high-stakes demos, speaking gigs, and what makes a successful customer onboarding journey. A must-listen for engineers, platform teams, and security-conscious startups. ...2025-05-2249 minDevEx UnpackedFrom Solo Founder to CTO: Jack Spargo on Scaling Startups, Blockchain & Developer Culture#004: In this episode of DevEx Unpacked, Alan Carson chats with Jack Spargo, CTO of Control Alt, about his fascinating career journey from aerospace engineering to leading blockchain-powered investment platforms. Jack shares lessons from being acquired overnight, the challenges of building a platform from scratch, and why he’s betting big on junior engineers and AI augmentation. They explore the realities of compliance, software supply chain security, and why Northern Ireland is fast becoming a serious start-up hub. A must-listen for technical founders, engineering leaders, and DevOps pros navigating scale and innovation. 2025-05-1558 minDevEx UnpackedTom Gibson on Scaling Cloudsmith, Security Innovation & Developer DNA#003: In this episode of DevEx Unpacked, Alan Carson sits down with Tom Gibson, Principal Engineer and long-time Cloudsmith team member, to trace his journey from early start-up to leading strategic innovation in the CTO’s office. Tom shares behind-the-scenes stories about engineering through scale, building continuous security scanning, and what it takes to evolve a developer-first platform. Hear how Cloudsmith grew from four engineers to an enterprise-ready company, while staying true to its developer DNA. If you're building DevOps platforms, growing an engineering team, or just love a good Pac-Man rivalry, this episode is fo...2025-05-0847 minDevEx UnpackedDevRel, Donuts & Distributed Systems: Dan McKinney on Scaling Cloudsmith and Winning Trust#002: In this episode of DevEx Unpacked, Alan Carson sits down with Dan McKinney, one of Cloudsmith’s earliest team members and now Head of Solutions Engineering. Dan reflects on his unique journey from writing docs and filming DevRel videos to leading high-stakes enterprise sales. Discover how Cloudsmith scaled from a two-person start-up to a platform trusted by global enterprises, why software supply chain security is more urgent than ever, and what features make developers and security teams lean in. Bonus: hear the Pac-Man showdown story and why a black "Alan" T-shirt sums up start...2025-05-0153 minDevEx UnpackedScaling Secure Software: Alison Sickelka (VP of Product at Cloudsmith) on AI, Artifacts, and the Future of DevEx.#001: In this inaugural episode of DevEx Unpacked, host Alan Carson sits down with Alison Sickelka, VP of Product at Cloudsmith, for a deep dive into the evolution of software supply chain security. Alison shares her journey from journalism to product leadership, the unique talent landscape in Belfast, and how Cloudsmith is pioneering secure artifact management. Learn how Cloudsmith's Enterprise Policy Management is shaping compliance strategies, why SBOMs are crucial, and where AI fits in a secure DevOps future. Perfect for developers, security pros, and tech leaders looking to stay ahead in a shifting eco...2025-04-2451 min
UpsideUpside #32 - Tech to kill, tech to heal.Upside Podcast: Defence, Health Tech & The Future of European VentureThis week on Upside, Dan Bowyer (SuperSeed VC) is joined by Lomax (Outsized) and Peter Ward (Humanity) to dive into two major themes dominating European venture: defence and health tech. With Mads away running up hills in Spain with fellow VCs and LPs, the trio take a no-holds-barred approach to dissecting the latest developments shaping investment, technology, and geopolitics.1. Welcome & Introductions (00:12)2. Defence & European Venture (02:22)The geopolitical impact of US halting aid to Ukraine: What does it...2025-03-0847 min
TechCrunch Startup NewsCloudsmith raises $23M to improve software supply chain securityThe software supply chain is notoriously porous: a reported 81% of codebases contain high- or critical-risk open source vulnerabilities. A single vulnerability can have a far-reaching impact on the wider software supply chain, as evidenced by the likes of the Log4Shell exploit that saw millions of applications exposed to potential remote code execution hacks Learn more about your ad choices. Visit podcastchoices.com/adchoices2025-03-0505 min
EquityOpenAI gears up for a big announcement, and Apple Store workers authorize a strikeLast week was a busy one for some Apple Store employees. Over the weekend, workers at Apple’s Townson, Maryland store — the first Apple retail store to have a formally recognized union — voted to authorize a strike. While the date of the strike is still being determined, the union has been negotiating with Apple since January 2023 over work-life balance, unpredictable scheduling, and wages, among other issues.But that wasn't all we discussed on today’s episode of Equity. This morning, Rebecca Szkutak also broke down what we can and can’t expect from OpenAI’s livestream event later today...2024-05-1311 min
The PowerShell PodcastIAM in Focus: Insights from Adil LeghariIn this enlightening episode of the PowerShell Podcast, host Andrew Pla is joined by special guest Adil Leghari to delve into the intricacies of IAM (Identity and Access Management). Together, they explore the fundamentals of IAM and its significance in the broader realm of IT. Additionally, Andrew announces the PowerShell Podcast MVP awards, celebrating community excellence. Adil shares invaluable insights on career transitions, the anatomy of a login box, and common cyber attacks. He also sheds light on the flaws of passwords and emphasizes the importance of empathy and honest postmortems in the IT landscape. Tune in for a...2024-03-111h 21The PowerShell PodcastIAM in Focus: Insights from Adil LeghariIn this enlightening episode of the PowerShell Podcast, host Andrew Pla is joined by special guest Adil Leghari to delve into the intricacies of IAM (Identity and Access Management). Together, they explore the fundamentals of IAM and its significance in the broader realm of IT. Additionally, Andrew announces the PowerShell Podcast MVP awards, celebrating community excellence. Adil shares invaluable insights on career transitions, the anatomy of a login box, and common cyber attacks. He also sheds light on the flaws of passwords and emphasizes the importance of empathy and honest postmortems in the IT landscape. Tune in for a...2024-03-111h 21
Smart Cherrys ThoughtsChatting With Developer Relations At Cloudsmith-Ciara Carey From Dublin, IrelandChatting With Developer Relations At Cloudsmith-Ciara Carey From Dublin, Ireland-
Ciara Carey said about her work and aswered some of my questions, it was great chat.
more info at https://www.smartcherrysthoughts.com
2024-01-2851 minLive Into Your BrillianceWhat is the opportunity cost of the choices we make?Have you ever found yourself ruminating over roads not taken, opportunities missed, and the elusive 'what ifs'? Mark and I open the year with a deep dive into the concept of opportunity cost—a journey prompted by the insightful curiosity of our friend Alan Carson, Founder of CloudSmith. We peel back the layers of this economic principle, applying it to the richness of life's decisions to uncover how our beliefs and attachments can create an illusion of lost chances. As the conversation unravels, we reveal the freedom we've found by releasing preconceived notions and pressures we p...2024-01-0946 min
Syntax - Tasty Web Development Treats688: Ex-npm Employee Making a New Package Manager?! Vlt with Darcy ClarkeIn this supper club episode of Syntax, Wes and Scott talk with Darcy Clarke about his career path in tech, working with Wes back in the day, why he decided to build vlt volt, and the biggest sick pick list yet! Show Notes 00:32 Welcome 01:38 Building a tweet wall back in the day 08:54 How did you land at npm? npm
19:40 Why do we need another package manager and registry? 22:11 What is vlt volt? vlt: a new home for open source
vlt /vōlt/ (@vltpkg) / X
Shipping ESM with Mark Erikson
Bun
Yarn
Nx
27:18 Do you see a future where w...2023-11-031h 09
7 Minute Security7MS #583: Cred-Capturing Phishing with Caddy ServerToday we talk about crafting cool cred-capturing phishing campaigns with Caddy server! Here's a quick set of install commands for Ubuntu: sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list sudo apt update sudo apt install caddy -y Create an empty directory for your new site, and then create a file called Caddyfile. If all you wa...2023-08-0429 min
Backstage with ZuddlCloudsmith’s Hillary on running successful virtual conferencesEpisode Highlights:
Coming up with event content that resonates with your audience
How to perfect your conference by looking at event analytics
Actionable tips to engage a specialize attendee set
2023-08-0218 min
Marketers TalkingHow Marketers Can Do More with Less with Mallory MullanIn this episode Jess sits down with Mallory Mullan to discuss how marketers can do more with less while navigating a recession, especially when it comes to marketing at a startup.
Guest Info:
Mallory is a Growth and ABM marketing leader and startup advisor with 12+ years of experience building conversion-focused marketing strategies and high-performing teams for top companies such as Adobe, Botify, Deloitte, and Cloudsmith. Originally from North Carolina, USA, Mallory now lives in Northern Ireland with her husband and white Schnauzer puppy, forever in awe of the vast green countryside, Irish hospitality, and the...2023-03-2838 min
Flutter Dev Podcast#35 Безопасность инфраструктуры для Flutter-разработкиМы любим свою работу, мы любим Flutter, мы любим продукты, над которыми мы работаем. Уверен, если вы слушаете наш подкаст, тоже самое можете сказать про себя и вы. В этом выпуске мы поднимаем сложный и важный вопрос: каким реальным угрозам подвержена наша индустрия, и что мы можем предпринять, чтобы сохранить возможность быть Flutter-разработчиками, независимо ни от чего.
https://soundcloud.com/flutterdevpodcast/35-bezopasnost-infrastruktury-dlya-flutter-razrabotki
Мы подробно изучили вопрос разворачивания приватных pub-репозиториев, поговорили о политиках вайт-листинга сторонних зависимостей, составили перечень всех подверженных угрозам узлов инфраструктуры разработки, а также обратились к опыту наших китайских коллег, уже давно успешно работающих с Flutter из-за великого китайского файрвола.
У микрофона: Евгений Сатуров (Surf), Илья Вирник (Яндекс.Про), Михаил Матюнин (ex-Ozon).
Главное по выпуску:
❗️ Using Flutter in China https://docs.flutter.dev/community/china
❗️ Snyk Vulnerability Database https://security.snyk.io/
❗️ Инструкция по кастомным пакетным репозиториям https://dart.dev/tools/pub/custom-package-repositories
❗️ Статья про хостинг приватных пакетных репозиториев https://medium.com/dartlang/hosting-a-private-dart-package-repository-774c3c51dff9
❗️ mpp https://pub.dev/packages/mpp
❗️ unpub https://github.com/bytedance/unpub
❗️ Cloudsmith https://help.cloudsmith.io/docs/dart-repository
❗️ dart-lang/pub-dev https://github.com/dart-lang/pub-dev
❗️ Использование pub через Artifactory https://jfrog.com/blog/how-to-use-pub-repositories-in-artifactory/
❗️ Прокси для документации от Fox https://api.flutter.plugfox.dev/
Новости:
⚡️ Релиз freezed 2 https://github.com/rrousselGit/freezed/blob/master/packages/freezed/CHANGELOG.md#200
⚡️ Подведены итоги Flutter Puzzle Hack https://medium.com/flutter/announcing-the-flutter-puzzle-hack-winners-ae55f45c6363
⚡️ Dependabot получил поддержку pub https://github.blog/changelog/2022-04-05-pub-beta-support-for-dependabot-version-updates/
Официальный канал подкаста: t.me/flutterdevpodcast_news
Официальный чат подкаста: t.me/flutterdevpodcast2022-05-081h 06
The Real Python PodcastA Python Journey: Cyber Security, Automating AWS, and TDDThe Python community continually grows, with many users coming from different languages and backgrounds. This week on the show, we talk with developer Hugh Tipping about his Python journey. Hugh is also a member of the Real Python community.
Hugh has a background in programming C and Perl and started to use Python in a cyber security job. He explains the way he used Python to search for malware. Hugh provides some suggestions for security packages and tools.
Recently Hugh has been working with Amazon Web Services (AWS) and using the Boto3 library to automate...2021-12-1754 min
The Real Python PodcastDiscussing Type Hints, Protocols, and Ducks in PythonThere seem to be three kinds of Python developers: those unaware of type hints or have no opinion, ones that embrace them, and others who have an allergic reaction at the mention of them. Python is famously a dynamically typed language, but there are advantages to adding type hints to your code. This week on the show, we have Luciano Ramalho to discuss his recent talk titled, “Type hints, protocols, and good sense.”
Luciano was not a fan of type hints. He’s only recently come around to their potential with the introduction of protocols in PEP 544. Python...2021-12-031h 21
The Real Python PodcastBuilding a Content Aggregator and Working With RSS in PythonHave you wanted to work with RSS feeds in Python? Maybe you’re looking for a new project to build for your portfolio that uses Django, unit tests, and custom commands. This week on the show, we have Real Python author Ricky White to talk about his recent step-by-step project titled, “Build a Content Aggregator in Python.”
Ricky has been authoring the Real Python interview series for several years and was formerly our Community Manager. He talks about what inspired him to create this project and the Python technology and libraries to build it. He also shares advice...2021-11-1957 min
Application Security Weekly (Audio)Schools of Magic - ASW #173This week, Mike, John and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply chain, the history of provenance, GPG Keys & signing commits, package consumption, understanding threat modeling, and knowing the roles and responsibilities when it comes to security of your assets. In the AppSec News, Mike and John talk: Excel gains support for JavaScript data types and functions, arbitrary code execution in Linux kernel TIPC, more malware in npm packages, threat models and OTP/2FA bots, NIST Security L...2021-11-091h 13
Application Security Weekly (Video)A Standardized Approach to SBOM - Dan McKinney - ASW #173In this segment, Mike and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply chain, the history of provenance, GPG Keys & signing commits, package consumption, understanding threat modeling, and knowing the roles and responsibilities when it comes to security of your assets. This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.co...2021-11-0835 minApplication Security Weekly (Video)A Standardized Approach to SBOM - Dan McKinney - ASW #173In this segment, Mike and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply chain, the history of provenance, GPG Keys & signing commits, package consumption, understanding threat modeling, and knowing the roles and responsibilities when it comes to security of your assets. This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.co...2021-11-0835 min
The Real Python PodcastExploring Django Templates, Tags, and FiltersAre you getting the most out of the Django framework? It’s a powerful web framework if you’re not interested in reinventing the wheel. Django includes a useful template system with inheritance for composing reusable HTML. This week on the show, we have previous guest and Real Python author Christopher Trudeau to talk about his recent articles and courses about Django.
Christopher explains how Django templates help you avoid rewriting large portions of HTML for your web applications. His first article covers the built-in tags and filters provided by the framework. The second one dives into how...2021-11-051h 01
The Real Python PodcastCreating and Manipulating PDFs in Python With borbHave you wanted to generate PDFs from your Python project? Many of the current libraries require designing the document down at the pixel level. Would you be interested in a tool that lets you specify the page layout while it handles the specific details of laying out the text? This week on the show, we talk with Joris Schellekens about his library for creating and manipulating PDFs named borb.
borb is a pure Python library that can read, write and manipulate PDFs. You can use it to build fillable forms, invoices with attached data files, and multiple...2021-10-291h 01
Application Security Weekly (Audio)Halloween Horror - ASW #169This week, we welcome Tom Gibson, Senior Staff Engineer at Cloudsmith, to talk about Modernizing the Management of Your Software Supply Chain! This week in the AppSec News, Mike and John talk: The Twitch breach, a path traversal in Apache httpd, Microsoft disables macros by default after almost 30 years, factors in a great cybersecurity program, & more! Show Notes: https://securityweekly.com/asw169 Visit https://securityweekly.com/cloudsmith to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: ht...2021-10-121h 13
Application Security Weekly (Video)Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169SBOM: What does it really tell you and the importance of having one for your organization. - Finding and fixing known vulnerabilities in dependencies and container images - Building a source of truth for packages to avoid malicious packages getting through - Combining continuous packaging and security into a CI/CD pipeline - Establishing Trust & Provenance in your Software Supply Chain - Visibility in your Software Supply Chain with upstreams and signatures This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn m...2021-10-1135 minApplication Security Weekly (Video)Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169SBOM: What does it really tell you and the importance of having one for your organization. - Finding and fixing known vulnerabilities in dependencies and container images - Building a source of truth for packages to avoid malicious packages getting through - Combining continuous packaging and security into a CI/CD pipeline - Establishing Trust & Provenance in your Software Supply Chain - Visibility in your Software Supply Chain with upstreams and signatures This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn m...2021-10-1135 min
AugmentTyped, Mirakl, Cloudsmith, DeepFactor and Blackbird.AI raises funds | Fivetran acquires HVR | Salesforce has announced new Slack features | Salesforce has declared a significant victory in the fight against global climate change | project44 acquires ConveyData integration software Fivetran acquires data replication technology HVR. Customers of Fivetran now have access to a broader set of high-performance data replication solutions, including HVR’s change data capture connectors. Fivetran also raised a funding round of $565M.Business Canvas, the company document management SaaS behind Typed, has announced a $2.5M seed round led by Mirae Asset Venture Investment. The seed funding will be used to speed up product development and the global open beta launch of its AI-powered document management platform.Salesforce has announced new Slack features ju...2021-09-2203 min
Party Corgi PodcastThe First Premium Gatsby WordPress Themes with Alexandra Spalato and Paulina Hetmanhttps://gatsbywpthemes.com/cloudsmithGooFontsTartanifyhttps://alexandraspalato.com/https://pehaa.com/2020-07-2837 min
MoneyNeverSleeps085: Money Talks #13: Finn Murphy | Seed Investing in IrelandFinn Murphy from Frontline Ventures joins the show to talk about a people-centric view to investing in early stage startups, what it takes to scale Irish startups to nine-figure revenue levels, what typically lures Irish startups to the UK, US or Continental Europe, and how his own competitive drive works well in venture capital.
This episode is kindly sponsored by Ireland’s fintech and financial services recruitment specialists, Top Tier Recruitment. If you would like an intro to the team at Top Tier Recruitment, please click here.
In this episode, Pete Townsend talks to Finn Mur...2020-05-1543 min
XrmToolCastCDS For Code With Brandon KellyIn this episode, we spend time with Brandon Kelly from CloudSmith Consulting, who has a new open source extension for VS Code, to share with us. CDS for Code has the following features: - Manages Solution Assets - Editor For web Resources - Plugin Development Loop - Templating - Security - Code Generation Download the project here: https://marketplace.visualstudio.com/items?itemName=CloudSmithConsulting.cds-for-code Or check out the source here: https://github.com/cloudsmithconsulting/cds-for-code and reach out to Brandon at Brandon.K...2020-01-2548 min
Semaphore UncutLee Skillen from Cloudsmith on streamlined software packaging, building startups and the promise of on-premiseWe’re chatting with Lee Skillen, Founder and CTO at Cloudsmith, about how his startup solves the complex issue of streamlined software packaging. We also discuss the ups and downs of being an entrepreneur and starting one's own business.On Semaphore Uncut we invite software industry professionals to discuss what problems they’re currently solving and what excites them about the emerging technologies.You can find all episodes of Semaphore Uncut at https://semaphoreci.com/podcastFull transcript at https://semaphoreci.com/blog/lee-skillen-from-cloudsmith-on-streamlined-software-packaging2019-05-2735 min