Skip to content

BoostSecurity is a security automation platform to manage workflows that connect security tooling to developers with frictionless integrations.

User Guide

Boost Scanner

The Boost Scanner provides out-of-the-box static-analysis automation with over 150 tuned rules to find across all cloud platforms and half a dozen programming languages. The Boost Scanner rules have been screened, tested, and adjusted to provide high-signal, low-noise results directly to developers before code is in production.

  • All Rules - see the list of 150+ rules support by the Boost Scanner
  • Secrets - rules for detecting secrets in source code
  • Insecure Coding - rules for discovering vulnerabilities like the OWASP Top 10
  • CI/CD - Supply Chain - rules for CI/CD - Supply Chain misconfigurations
  • AWS - rules for cloud misconfigurations in AWS terraform and cloud formation
  • GCP - rules for cloud misconfigurations in GCP terraform
  • Azure - rules for cloud misconfigurations in Azure terraform
  • Kubernetes - rules for misconfiguration in Kubernetes manifests
  • X.509 - rules for misconfigurations in X.509 certificates


  • Jira - connect BoostSecurity findings to JIRA
  • Slack - connect the BoostSecurity Activity Feed to Slack to see findings as they
  • Dependabot - connect the BoostSecurity to Github's Dependabot API