BoostSecurity emerges from stealth with $12 million CAD to automate cybersecurity for DevOps

Software development coding
Two veterans in the application security space want everyone to deliver software at large scales.

Montréal startup BoostSecurity, which provides a cybersecurity platform for the software supply chain, has emerged from stealth with $12 million CAD in seed funding.

The all-equity round was led by Sorenson Capital, with additional support from Hoxton Ventures, Golden Ventures, Firebolt Ventures and Transform VC. Sorenson Capital will be joining BoostSecurity’s board.

BoostSecurity’s aim is to help its users implement better security practices for their existing software supply chains.

Co-founded by Zaid Al Hamami (CEO) and Rajiv Sinha (CRO), BoostSecurity wants to bring the automation that hyperscale companies have developed internally to all. According to the company, its platform directly addresses the weaknesses in the software chain in addition to the third-party components.

Despite the developments around application and product security in the past decade, Al Hamami said most companies are still struggling to ship secure software.

“We looked around at companies that were exceptionally successful at doing so. Those companies were successful because they were able to build highly tailored automation around developer security in house, and to do so they had to have a large security team,” he said. “Realizing that most of the world cannot have such a security team, we decided that we wanted to bring the same automation and security technologies.”

The software supply chain has been a target for major attacks in recent years, including SolarWinds’ hack, which has been labeled as one of the biggest cybersecurity breaches of the 21st century. BoostSecurity’s aim is to help its users implement better security practices for their existing supply chains by injecting the right security technologies at the various layers in the technology stack.

RELATED: HugOps: how to get developer and security teams working together

Al Hamami told BetaKit that BoostSecurity has thousands of software repositories of its customers already being protected using its technology. BoostSecurity has also been making improvements in its product in their environments for the past year.

Al Hamami has over two decades of experience in the space that BoostSecurity operates in, including spending over four years at Canonical, which publishes a Linux open source operating system called Ubuntu. He left Canonical in 2013 as director of product and engineering, corporate services to launch Immunio, which also played in the fields of application and developer security. In 2017, Japanese cybersecurity giant Trend Micro acquired Immunio for an undisclosed amount.

Based in San Francisco’s Bay Area, Sinha worked at Oracle for nine years in a variety of roles, including manager of security compliance. In other previous leadership positions, he also worked at Solidcore Systems (acquired by McAfee), PwC, Cigital (acquired by Synopsys), and Acceptto Corporation (acquired by SecureAuth), among others.

Additionally, Sinha is currently an advisor to various software and cybersecurity companies, including OceanShield, Oloid, Airgap Networks, nVisium, and SafeBreach.

BoostSecurity currently has a team of 20 people, and this round of funding will help in expanding its product, engineering, marketing, and sales teams. The capital will also be allocated towards its engineering initiatives and go-to-market strategy.

Featured image courtesy Unsplash.

Charlize Alcaraz

Charlize Alcaraz

Charlize Alcaraz is a staff writer for BetaKit.

0 replies on “BoostSecurity emerges from stealth with $12 million CAD to automate cybersecurity for DevOps”