Boost Security Announces Acquisitions of SecureIQx and Korbit.ai and $4M in Additional Funding

Deals

Strategic acquisitions and new capital accelerate company’s leadership position in AI-native application security

MONTREAL, May 6, 2026Boost Security today announced the acquisitions of SecureIQx and Korbit.ai, alongside $4 million in additional funding from White Star Capital, Amiral Ventures, Accelia Capital, and Sorensen Capital.

Software development is changing rapidly as AI tools generate increasing volumes of code and organizations rely on large ecosystems of third-party packages and libraries. Security teams must analyze growing amounts of code while determining which vulnerabilities actually pose risk in production systems.

Boost Security is the AI-Native SDLC Defense Platform that runs on the exact same clock as today’s coding agents. By unifying Developer Endpoint Protection, Software Supply Chain Security, and AI-Native ASPM into a single platform, Boost secures the entire development lifecycle. The platform actively defends the AI toolchain, blocks supply chain threats before ingestion, and auto-remediates vulnerable code, allowing engineering teams to ship at machine speed without the security bottleneck.

“Recent high-profile supply chain attacks are just the opening act,” said Catherine Ouellet-Dupuis, Partner, White Star Capital. “The deeper risk is that every engineering team on the planet is now shipping code written by AI agents that can unknowingly introduce vulnerabilities at machine speed and machine scale, and you can’t ask the same agent that wrote the bug to be your last line of defense. Boost is one of the few platforms built from the ground up to sit outside that loop, intercepting threats before they ever reach production. That’s the security architecture this new era demands.”

Acquisitions

  • SecureIQx, an MIT-founded startup, developed a Software Composition Analysis (SCA) reachability engine capable of analyzing both binary and source code across more than a dozen programming languages. The technology helps organizations determine whether vulnerable components are actually reachable and exploitable within their applications.
  • Korbit.ai built an AI-based pull request review platform designed to detect security vulnerabilities, performance issues, and coding flaws during the code review process. The technology has been trained on hundreds of millions of lines of code across thousands of companies.

Together, the acquisitions add advanced reachability analysis and AI-native SAST capabilities and code review technologies to Boost Security’s platform.

“We’re in a new era. By some estimates, 15 times more code was produced in 2025 than in 2024, and most of it wasn’t written or reviewed by humans. At the same time, supply chain attacks are becoming more frequent and more sophisticated. With these acquisitions, we are bringing deeper agentic capabilities into the Boost Security platform to meet that reality,” said Zaid Al Hamami, founder and CEO of Boost Security.

Funding

Boost Security also announced $4 million in additional funding from White Star Capital, Amiral Ventures, Accelia Capital, and Sorensen Capital. The investment will support continued development of the company’s platform.

About Boost Security

Boost Security is the AI-Native SDLC Defense Platform built to secure software at the speed of generation. The platform unifies Developer Endpoint Protection, Software Supply Chain Security, and AI-Native ASPM into a single execution engine. By actively protecting the AI workspace, blocking supply chain threats, and auto-fixing flawed code before the commit, Boost empowers engineering teams to leverage AI and floor the accelerator safely. Learn more at boostsecurity.io.

SOURCE Boost Security

Leave a Reply

Your email address will not be published. Required fields are marked *