¶
Boostsecurity is an Application Security Posture Management (ASPM) solution that helps you build secure software and secure your software supply chain.
Tutorials¶
- Establish Your First Connection - Learn how to integrate BoostSecurity with your Source Code Maanagement tools and enable Zero Touch Provisioning.
- Build First Custom Policy - Learn how to create or change policies.
How-to Guides¶
- Integrate with Source Code Management - Dive deeper into managing SCM integrations and gain more insights into your supply chain.
- ZTP Wizard - Learn about the Zero Touch Provisioning Wizard and how to provisioning ZTP for all your SCMs.
- Tuning Provisioning - Learn how to reconfigure and optimize your provisioning.
- Policy - Learn how to create and manage policies.
- Software Bill Of Materials - Learn how to setup and use BoostSecurity's SBOM service.
- Findings - Learn how to manage your findings.
- APIs - Learn how to manage API resources.
- Integrate with Third Party Notification Services - Learn how to integrate with 3rd-party notification services like Teams, etc.
- Integrate with Third Party Scanners - Integrate with 3rd-party scanners.
- Integrating with Third-Party Code to Cloud Context providers - Learn how to integrate with 3rd-party services providing cloud context.x
Reference¶
- Platform UI - Dive deep into each aspect of the BoostSecurity user interface and gain understanding into how each view works.
- Scanner Coverage - The Scanner Coverage page serves as a centralized dashboard for monitoring the Scanner Coverage status of your organizations.
- CI Integration - Learn how to integrate BoostSecurity into your CI.
- Configuring Scanner Modules - Learn about all the supported scanner modules
- FAQ - common questions and answers about BoostSecurity
- What's new - List of latests changes to the service
BoostSecurity Scanner¶
The BoostSecurity Native and Third-party Scanners provide out-of-the-box static-analysis automation with over 150 tuned rules to find across all cloud platforms and half a dozen programming languages. All scanner rules have been screened, tested, and adjusted to provide high-signal, low-noise results directly to developers before code is in production.
- All Rules - see the list of 150+ rules support by the Boost Scanner
- Secrets - rules for detecting secrets in source code
- CI/CD - Supply Chain - rules for CI/CD - Supply Chain misconfigurations
- X.509 - rules for misconfigurations in X.509 certificates
Integrations¶
- Jira - connect BoostSecurity findings to JIRA
- Slack - connect the BoostSecurity Activity Feed to Slack to see findings as they are discovered
- Teams - connect the BoostSecurity Activity Feed to Teams to see findings as they are discovered
- Dependabot - connect the BoostSecurity to Github's Dependabot API