News & Updates

We’re excited to announce that Bomfather has secured funding from Balaji Srinivasan, former CTO of Coinbase and one of the most respected voices in technology.

This investment validates our mission to revolutionize AI security through kernel level protection and will accelerate our development of revolutionary security.

The investment comes at a crucial time as organizations worldwide grapple with the security implications of AI deployment. Bomfather’s unique approach allows for protection with ultra easy integration and a minimal performance overhead.

Thank you for trusting us, Balaji!

We’re excited to announce the publication of our research paper “Bomfather: An eBPF-based Kernel-level Monitoring Framework for Accurate Identification of Unknown, Unused, and Dynamically Loaded Dependencies in Modern Software Supply Chains” on arXiv.

The paper introduces our revolutionary approach to software supply chain security, which addresses critical gaps in conventional dependency-tracking methods.

Key Research Takeaways

Our research demonstrates how kernel-level monitoring can provide tamper evident build time dependencies by computing cryptographic hashes of files accessed during compilation and constructing Merkle trees based on observed file content.

Unlike traditional static analysis approaches, our methodology accounts for:

• Unused dependencies that don’t affect the final artifact
• Partial library dependencies and dynamic linking
• Libraries loaded at runtime and short-lived build files

This results in significantly more precise Software Bills of Materials (SBOMs) and enhances trustworthiness in software artifacts through kernel-level evidence of build provenance.