BoostSecurity emerged from stealth last week with $12 million in seed money that CEO Zaid Al Hamami said will help them extend new development features for customers, hire more developers, and generally grow the business.
SC Media sat down with Al Hamami recently to discuss the magnitude of supply chain attacks and how BoostSecurity offers the kind of automation that before now was only available to hyperscale companies such as Amazon Web Services, Microsoft Azure and Google.
What are the major challenges that DevSecOps teams face in trying to develop code securely?
There are two big challenges. First, development teams are trying to build secure software, traditionally known as application security. The second is developing software securely. This second point implies that the way dev teams are building software could be abused in a supply chain attack. They are both inter-related in that both affect the CI/CD pipeline.
Read entire article here