BoostSecurity on Wednesday emerged from stealth mode with a DevSecOps automation platform and $12 million in seed funding.
BoostSecurity has developed what it describes as a zero friction DevSecOps automation platform that can help organizations quickly detect and fix vulnerabilities in their code. It provides visibility into software pipelines, allows users to prioritize and address issues, and enables organizations to define security policies.
Developers are notified about security issues while they are coding and the organization can keep track of their progress. In addition, customers can generate SBOMs across their entire supply chain.
The company provides an open source app that is available on GitHub. Customers can also use other open source scanners that integrate with BoostSecurity, including Bandit, Brakeman, Trivy, Semgrep, GoSec, GitLeaks, and Checkov.
BoostSecurity headquarters are in Montreal, Canada, but the firm also has operations in California. The company has obtained funding from Sorenson Capital, Hoxton Ventures, Golden Ventures, Firebolt Ventures and Transform VC, and it plans on using the money for go-to-market and engineering initiatives.
“BoostSecurity empowers organizations of any size to implement the same DevSecOps processes and technologies that the most advanced organizations have refined, ultimately closing the trust gap between DevOps and security,” said Zaid Al Hamami, CEO at BoostSecurity. “Our platform enables early detection and remediation of security vulnerabilities at every layer of the stack while ensuring the continuous integrity of the software supply chain at every step from the developer’s keyboard to cloud production.”
Related: The VC View: The DevSecOps Evolution and Getting “Shift Left” Right
Related: Shifting to DevSecOps Is as Much About Culture as Technology and Methodology
Related: DevSecOps Company apiiro Emerges From Stealth With $35 Million in Funding
Related: DevSecOps Firm Spectral Emerges From Stealth With $6.2 Million in Funding

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
- Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges
- Google Patches Third Chrome Zero-Day of 2023
- Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations
- Cybersecurity M&A Roundup: 36 Deals Announced in May 2023
- In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack
Latest News
- BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
- Sysdig Introduces CNAPP With Realtime CDR
- Stay Focused on What’s Important
- VMware Plugs Critical Flaws in Network Monitoring Product
- Hackers Issue ‘Ultimatum’ Over Payroll Data Breach
- US, Israel Provide Guidance on Securing Remote Access Software
- OWASP’s 2023 API Security Top 10 Refines View of API Risks
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
