For organizations making an attempt to shortly develop safe code, a software-as-a-service (SaaS) platform from BoostSecurity goals to present automated instruments and checks all through the construct, take a look at, and launch phases of that course of — so as to prioritize safety all through the software program provide chain.
The startup emerged from stealth on Nov. 16 with $12 million in seed funding, led by Sorenson Capital.
Along with misconfigurations and insider threats to compromised dependencies, BoostSecurity’s platform may even assist safety and engineering determine and repair safety points with automated instruments, based on an announcement launched by the brand new enterprise.
Totally different Method
The corporate’s method is totally different than what has been obtainable earlier than, BoostSecurity’s CEO Zaid Al Hamami tells Darkish Studying. Particularly, automated testing and steady integration (CI) have been as soon as obtainable solely to corporations that would afford to rent high quality assurance groups to conduct handbook testing.
“Sooner or later, I imagine that constructing safe software program will probably be as pervasive as automated testing and CI is in the present day,” Al Hamami predicts. “That can occur when it turns into simply as simple to make use of, and the place the advantages to growth groups grow to be simply as apparent.”
With headline-grabbing software program provide chain cyberattacks changing into all too widespread, together with the notorious SolarWinds compromise, shifting left to make safety checks a part of the complete software program growth cycle has grow to be an rising precedence. BoostSecurity sees itself as providing automated DevSecOps instruments to assist.
“Even with the elevated consciousness and the exploding trade round developer safety, we imagine that we’re nonetheless within the early innings of a significant transformation,” Vidya Raman, associate at Sorensen Enterprise and lead investor in BoostSecurity, mentioned in a assertion concerning the firm. “The world now is aware of easy methods to ship top quality code, quickly. The following problem is constant to do each, however rather more securely.”
