¶

BoostSecurity is a security automation platform to manage workflows that connect security tooling to developers with frictionless integrations.
User Guide¶
- What's new - List of latests changes to the service
- Getting Started - learn how to integrate BoostSecurity with your SCM
- Integrating Boost with your CI - learn how to integrate BoostSecurity with your CI
- Configuring Scanner Modules - learn about all the supported scanner modules
- Creating and Managing Policies - learn how to create or change policies
- Creating an API Key - lean how to create an API Key
- Scanning Generated Artifacts - learn how to scan artifacts generated in your CI
- Software Bill Of Materials - learn how to setup and use Boostsecurity's SBOM service
- Using the GraphQL API - lean how to use the GraphQL APIs
- FAQ - common questions and answers about BoostSecurity
Boost Scanner¶
The Boost Scanner provides out-of-the-box static-analysis automation with over 150 tuned rules to find across all cloud platforms and half a dozen programming languages. The Boost Scanner rules have been screened, tested, and adjusted to provide high-signal, low-noise results directly to developers before code is in production.
- All Rules - see the list of 150+ rules support by the Boost Scanner
- Secrets - rules for detecting secrets in source code
- Insecure Coding - rules for discovering vulnerabilities like the OWASP Top 10
- CI/CD - Supply Chain - rules for CI/CD - Supply Chain misconfigurations
- AWS - rules for cloud misconfigurations in AWS terraform and cloud formation
- GCP - rules for cloud misconfigurations in GCP terraform
- Azure - rules for cloud misconfigurations in Azure terraform
- Kubernetes - rules for misconfiguration in Kubernetes manifests
- X.509 - rules for misconfigurations in X.509 certificates
Integrations¶
- Jira - connect BoostSecurity findings to JIRA
- Slack - connect the BoostSecurity Activity Feed to Slack to see findings as they are discovered
- Teams - connect the BoostSecurity Activity Feed to Teams to see findings as they are discovered
- Dependabot - connect the BoostSecurity to Github's Dependabot API