DevSecOps automation platform startup BoostSecurity.io Inc. today launched out of stealth mode with $12 million in new funding to accelerate the platform’s go-to-market and engineering initiatives.

Sorenson Capital led the seed round, with Hoxton Ventures, Golden Ventures, Firebolt Ventures and Transform VC also participating.

Founded in 2020, BoostSecurity aims to solve problems plaguing organizations that are trying to ship software fast and securely. The company argues that the modern technology stack is complex, as is the modern continuous integration and continous delivery or CI/CD pipeline. Security tooling is needed at various stages in the development, build, test and release processes, but all those additional security measures slow down development and create “security noise” for development teams.

BoostSecurity claims to disrupt DevSecOps by delivering to all companies the automation that hyperscale firms use. Organizations can secure CI/CD pipelines, ship code fast, run all the necessary security checks on every commit, and fix issues while building code along the way without additional personnel, services or infrastructure.

“Most software organizations do not have the resources to implement the same grade of automation and optimization as hyperscale companies do when it comes to shipping software fast and securely,” Zaid Al Hamami, chief executive officer at BoostSecurity, said in a statement. “BoostSecurity empowers organizations of any size to implement the same DevSecOps processes and technologies that the most advanced organizations have refined, ultimately closing the trust gap between DevOps and security.

BoostSecurity says its platform enables early detection and remediation of security vulnerabilities at every layer of the stack while ensuring the continued integrity of the software supply chain. The software-as-a-service offering also assists engineering and security teams in contending with the task of securing the software supply chain itself against CI/CD misconfigurations, insider threats, compromised dependencies and more.

Vidya Raman, partner at Sorensen Venture and lead investor in BoostSecurity, noted that “even with the increased awareness and the exploding industry around developer security, we believe that we are still in the early innings of a major transformation.”

“The world now knows how to ship high-quality code, rapidly. The next challenge is continuing to do both, but much more securely,” Raman added. “BoostSecurity’s depth of experience in the fields of open source, application and cloud security as well as their uniquely innovative approach to solving the problem, coupled with the fact that the software supply chain has itself become a major target of attacks is what got us excited about this company.”

Image: BoostSecurity