BLog & News

News,Press & Research

Security research, product updates, and insights from the team building the AI-Native SDLC Defense Platform.

Featured Post
Events
November 4, 2022

BoostSecurity to Debut at OWASP 2022 Global AppSec

BoostSecurity debuts at OWASP 2022 Global AppSec—discover key insights, expert analysis, and the latest in application security from industry leaders.
Read Article
Latest Posts
Blog Articles

Weaponizing Dependabot: Pwn Request at its Finest

Discover how Dependabot can be weaponized to exploit CI/CD workflows. Learn attack techniques, real-world risks, and practical steps to protect your code.
May 30, 2026
Blog Articles

The Death of AppSec Is Greatly Exaggerated

Is AppSec really dead? A practical look at AI-powered security, Claude Code Security, and why enterprise security needs more than agentic code generation.
February 23, 2026
Blog Articles

Unveiling Bagel: Why Your Developer's Laptop is the Softest Target in Your Supply Chain

Discover your developer laptop attack surface with Bagel
February 9, 2026
Blog Articles

Defensive Research, Weaponized: The 2025 State of Pipeline Security

Discover how 2025 saw attackers weaponizing defensive research, turning CI/CD pipelines into battlegrounds using our own tools and methodologies.
December 5, 2025
Blog Articles

Don't Go with the flaw

Attack Vectors in the Go Module Ecosystem: Abusing Proxy Immutability and Decentralized Resolution
November 13, 2025
Blog Articles

Split-Second Side Doors: How Bot-Delegated TOCTOU Breaks The CI/CD Threat Model

Discover how Bot-Delegated TOCTOU vulnerabilities in GitHub Apps can compromise CI/CD pipelines, with real-world examples and mitigation strategies.
November 7, 2025
Blog Articles

Stop Letting AI Ship Time Bombs: Poutine MCP for CI/CD

Enhance your CI/CD security with Poutine MCP Server, enabling agent-driven audits of workflows and repos to prevent vulnerabilities in Build Pipelines
October 7, 2025
News

Vibe coding...meet safe packages.

boostsecurity's safe packages MCP server
October 2, 2025
Blog Articles

Developers under attack is the new black

Looking at the supply chain attacks of August and September 2025
September 18, 2025
There are no available blog matching the current filters.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Stay ahead of the threat.

Get the latest security research, pipeline attack analysis, and Boost product updates delivered to your inbox.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

The AI-Native SDLC Defense Platform. Securing the code, the agent, and the endpoint - before commit.

hello@boostsecurity.io

Montreal, Canada

Platform
Developer EndpointSupply Chain SecurityAI-Native ASPMBagel CLIBoost Labs
Company
AboutCareersBlogPress & MediaContact
Developers
DocumentationGitHubBagel on GitHubAPI ReferenceBoost MCP

© 2026 BoostSecurity Inc. All rights reserved.

Privacy PolicyTerms of Service