Gomboc AI is a cloud infrastructure security company that provides an AI-driven platform for automating the security and compliance of Infrastructure-as-Code (IaC). The platform integrates into Git-based DevOps pipelines (GitHub, GitLab) to automatically scan pull requests (PRs) containing Terraform, CloudFormation, and Puppet configurations for misconfigurations and policy violations. Core capabilities include: - Automated PR review and policy enforcement using pre-built and custom security rules - Real-time, in-PR feedback enabling developer self-remediation of misconfigurations before deployment - Centralized compliance dashboard providing visibility across large repository portfolios - Support for organization-specific security policies alongside out-of-the-box rules - A Community Edition available for broader adoption Gomboc AI targets platform engineering, DevOps, and security teams at organizations managing large-scale cloud infrastructure. Its primary use case is shifting security left by catching and resolving IaC misconfigurations pre-deployment, reducing manual review workload, and enforcing consistent security policy coverage across cloud environments. The company was co-founded by Ian Amit (CEO), a security industry veteran with prior roles at Rapid7, ZeroFOX, and Amazon, and Matt Sweeney (CPO), formerly of Google Cloud Security/Mandiant and Fortinet. Investors include Hetz Ventures, Ballistic Ventures, and Glilot Capital Partners. The company is US-based and hiring software engineers.