Building a secure golden path: Cloudsmith x Octopus Deploy webinar

cloudsmith logo
Cloudsmith
Mar 12, 2026
Cloudsmith

What does it take to build a "Golden Path" that developers actually want to use? In this expert-led webinar, Cloudsmith and Octopus Deploy team up to explore the missing link in your software supply chain: turning artifact creation and management into an automated, trust-backed journey from source to ship.

Generating an SBOM is only the first step. The real challenge is what happens next—compliance checks, security ingestion, and ensuring that only trusted code reaches production. Our panel of experts discusses how to shift security "down" into your tools to remove cognitive burden from your engineering teams.

Key takeaways
🛣️ Golden paths vs. paved paths: Learn why a Golden Path is more than just guidance—it is enforcement backed by trust.
🔒 The role of artifact governance: Discover how centralized control planes like Cloudsmith enforce immutability and provenance before artifacts move downstream.
📄 Active SBOMs: Why your SBOM shouldn't be a "static receipt" but a living document used for continuous vulnerability monitoring and policy enforcement.
🤝 Automated trust handshakes: See how Cloudsmith’s policy engine (using Rego) acts as a green light for automated, secure deployments in Octopus Deploy.
0️⃣ Taming zero-day risks: Insights on how a mature Golden Path reduces discovery time during events like Log4Shell through better inventory and observability.

Webinar Timestamps

0:00 - Introduction to Cloudsmith & Octopus Deploy

1:45 - Meet the experts

5:04 - The agenda

6:45 - Golden paths vs paved paths

9:49 - Getting started with golden paths

13:55 - How to use Cloudsmith and Octopus Deploy together

18:10 - Designing a golden path that developers will use

20:21 - Building security into your golden path

25:50 - SBOM generation and CRA compliance
31: 25 - Using Cloudsmith to operationalize SBOMs

35:20 - Managing zero-day vulnerabilities

38:05 - Feature spotlight: quarantine & policy enforcement

41:10 - The first handshake: Connecting repository (Cloudsmith) to deployment (Octopus Deploy)

45:00 - Q&A: Getting developer buy-in for golden paths

46:35 - Housekeeping and sign off

Featured Experts
Ralph McTaggart – Principal Engineer, Cloudsmith
Steve Fenton – Director of Developer Relations, Octopus Deploy
Christian Garcia – Senior Customer Success Manager, Cloudsmith

Ready to secure your software supply chain and build a better developer experience?
🛠️ Sign up for a Cloudsmith trial: https://app.cloudsmith.com/login
🗓️ Book a demo to see how Cloudsmith can work for you: https://cloudsmith.com/book-a-demo

"Building trust from source to ship: The missing link in your golden path" originally ran on March 11, 2026.

#devops #PlatformEngineering #Cloudsmith #OctopusDeploy #GoldenPath #SBOM #CyberResilienceAct #SoftwareSupplyChain #SRE #Rego #DevSecOps #ArtifactManagement

Copyright © 2026 OpsMatters™. All rights reserved.