Boost Security, an AI-native software development lifecycle (SDLC) defence platform, has acquired SecureIQx and Korbit.ai while securing $4m in additional funding.
The round was backed by White Star Capital, Amiral Ventures, Accelia Capital, and Sorensen Capital, with the proceeds earmarked for continued platform development.
The two acquisitions bring complementary capabilities to Boost Security’s offering. SecureIQx, a startup founded out of MIT, built a Software Composition Analysis reachability engine capable of examining both binary and source code across more than a dozen programming languages, helping organisations establish whether vulnerable components within their applications can actually be reached and exploited. Korbit.ai, meanwhile, developed an AI-driven pull request review platform that identifies security vulnerabilities, performance issues and coding flaws during the code review stage. Its technology has been trained on hundreds of millions of lines of code drawn from thousands of companies. Together, the two deals bring advanced reachability analysis, AI-native static application security testing (SAST) capabilities and code review tools into the Boost Security platform.
Boost Security describes itself as an AI-native SDLC defence platform built to operate at the same pace as modern coding agents. By bringing together Developer Endpoint Protection, Software Supply Chain Security and AI-Native ASPM within a unified platform, the company aims to secure the full development lifecycle. It actively defends the AI toolchain, blocks supply chain threats prior to ingestion and auto-remediates vulnerable code, enabling engineering teams to deliver at speed without security acting as a bottleneck.
The acquisitions and fundraise come against a backdrop of rapid change in software development, with AI tools generating ever-greater volumes of code and organisations increasingly dependent on large ecosystems of third-party packages and libraries. Security teams are consequently under pressure to assess mounting quantities of code while identifying which vulnerabilities represent a genuine risk in production environments.
Boost Security founder and CEO Zaid Al Hamami said, “We’re in a new era. By some estimates, 15 times more code was produced in 2025 than in 2024, and most of it wasn’t written or reviewed by humans. At the same time, supply chain attacks are becoming more frequent and more sophisticated. With these acquisitions, we are bringing deeper agentic capabilities into the Boost Security platform to meet that reality.”
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
