BoostSecurity News, Press & Events

Over the past few years, Boost Security’s research team at Boost Labs has been deeply curious about how attackers might pivot from traditional application vulnerabilities to exploiting the CI/CD machinery itself. The team has spent extensive time studying "Living Off The Pipeline" (LOTP) techniques, mapping out how build tools, runner memory, and service accounts can be manipulated to turn the software factory against itself.

TL;DR BoostSecurity.io is thrilled to announce ‘poutine’ – an Open Source security scanner CLI you can use to detect misconfigurations and vulnerabilities in Build Pipelines. Additionally, it can create an inventory of build-time dependencies so you can track known vulnerabilities (CVEs) as well. Today, the tool has about a dozen rules covering vulnerabilities found in GitHub Actions workflows and Gitlab pipelines. We have plans to add support for CircleCI, Azure Pipelines and more. The source code is published under the Apache 2.0 license and it is available on GitHub.

BoostSecurity emerged from stealth last week with $12 million in seed money that CEO Zaid Al Hamami said will help them extend new development features for customers, hire more developers, and generally grow the business.

BoostSecurity, a developer-first DevSecOps automation platform, has secured $12m for its seed round, as it emerges from stealth.

Fresh startup BoostSecurity has an SaaS platform for developers and security teams that provides automated tools to shore up cybersecurity within the software supply chain.

Two veterans in the application security space want everyone to deliver software at large scales.

Funding – DevSecOps Automation:BoostSecurity has emerged from stealth with $12 million in seed funding. The funding round was led by Sorenson Capital, with additional support from Hoxton Ventures, Golden Ventures, Firebolt Ventures and Transform VC.

BoostSecurity on Wednesday emerged from stealth mode with a DevSecOps automation platform and $12 million in seed funding.

DevSecOps automation platform startup BoostSecurity.io Inc. today launched out of stealth mode with $12 million in new funding to accelerate the platform’s go-to-market and engineering initiatives.

BoostSecurity, a Montreal, Canada-based provider of a DevSecOps automation platform to secure software supply chain, raised $12M in Seed funding.