New platform protects developer machines, coding agents, and AI-generated code before it reaches the repository

MONTREAL, March 19, 2026 /PRNewswire/ -- Boost Security today announced Boost Security Developer Endpoint Security, a new platform designed to secure the rapidly expanding attack surface created by AI-powered software development. The platform gives security teams visibility and control over developer machines, coding agents, and AI-generated code, helping prevent supply chain attacks, credential leaks, and insecure code before it reaches the repository.

AI coding agents are dramatically increasing developer productivity, but they are also introducing new security risks. Developers are installing plugins, MCP servers, IDE extensions, and packages recommended by AI agents while credentials accumulate across configuration files, environment variables, and local machines. At the same time, AI systems can generate large volumes of code faster than organizations can verify it against secure coding standards or approved dependencies. The challenge is that security teams currently have little visibility into what developers and coding agents are running locally.

Boost Security Developer Endpoint Security addresses this gap by securing the developer environment directly, embedding protection into the tools, agents, and workflows where code is created rather than waiting to scan code after it enters the repository.

"AI coding agents are fundamentally changing how software gets built, but security has largely remained focused on scanning code after the fact," said Zaid Al Hamami, CEO and Founder, Boost Security. "Developer Endpoint Security moves protection upstream. It secures the developer machine, governs the coding agent, and ensures safer code is generated from the start."

Securing the Developer Machine, Coding Agent, and Generated Code

Boost Security Developer Endpoint Security provides security teams with centralized visibility and governance across developer environments while enabling developers to identify and remediate issues without slowing development velocity.

Boost Security customers like HUB International use Boost to enforce guardrails consistently.

"HUB's engineering organization is large and diversely grown, both organically and through M&A," said HUB International CISO Jeremy Embalabala. "We wanted one set of guardrails that applies to every change across our SDLC, and we wanted to ensure that the code we build or acquire, as well as the entire software supply chain infrastructure, is secured at every stage. Boost Security helps us get there, with controls natively built into engineering workflows through source control and CI/CD pipelines in a single comprehensive platform."

The platform secures the full AI development workflow, from the moment a prompt is sent to a coding agent to the moment code is committed.

Key capabilities include:

Developer Endpoint Visibility: Continuously discovers coding agents, MCP servers, AI models, IDE extensions, browser extensions, packages, and other development artifacts across the developer fleet, providing security teams with a real-time inventory of the tools developers and agents are using.Developer Endpoint Safety: Identifies exposed credentials across dotfiles, configuration directories, and environment variables while flagging machine configurations that increase the impact of a compromise.Coding Agent Safety: Ensures coding agents only run with approved MCP servers, plugins, and skills while preventing unvetted connections and configuration drift from organizational security policies.Secure Agentic Code Generation: Embeds guardrails into the coding agent workflow so generated code follows organizational secure coding guidelines, uses approved libraries, and is analyzed and remediated before being committed.Supply Chain Security: Evaluates packages, extensions, MCP servers, and other components for malware, typosquatting, exploitable vulnerabilities, end-of-life dependencies, and other indicators of compromise.Data Leakage Prevention: Scans outbound prompts before they reach external LLMs to detect and mask credentials, API keys, and sensitive data.Intelligent Security Remediation: Combines organizational context with vulnerability analysis to deliver AI-assisted fixes aligned with internal architecture patterns and compliance requirements.Centralized Policy and Enforcement: Allows security teams to define secure coding standards, allowlists, and denylists that apply consistently across both human-written and AI-generated code.Availability

Boost Security Developer Endpoint Security is available now.

About Boost Security

Boost Security builds security solutions designed for the realities of modern software development, helping organizations secure developer environments, AI-assisted coding workflows, and the software supply chain.

View original content:https://www.prnewswire.com/news-releases/boost-security-launches-developer-endpoint-security-to-secure-ai-driven-software-development-at-the-source-302718743.html

SOURCE Boost Security