Legit Security News
14 articles
Legit Security nets $40 million Series B to secure application delivery from code to cloud | CTech
Cybersecurity firm Legit Security has raised $40 million in a Series B funding round led by CRV, with participation from Cyberstarts, Bessemer Venture Partners, and TCV. The Israeli startup's Application Security Posture Management (ASPM) platform helps reduce application risk through discovery, analysis, correlation, and remediation of application vulnerabilities. The company has seen rapid growth, with its platform deployments nearly doubling in size within the first year of implementation. Legit Security's customers include Google, NYSE, Kraft Heinz, and Takeda Pharmaceuticals, among others. The company plans to end 2024 with approximately 100-120 employees.
Legit Security Expands Platform Capabilities for Application Security Posture Management
Cybersecurity firm Legit Security has announced expanded capabilities for its Application Security Posture Management (ASPM) platform. The new features provide comprehensive visibility into an application's security posture, including deep contextual insights and automated detection-to-remediation workflows. This allows enterprises to release software quickly while protecting against evolving threats. The ASPM platform consolidates visibility and risk management across multiple development and security tools, providing a unified solution for streamlined management, scalability, and efficiency. The platform also includes new features for software supply chain security and compliance with industry standards.
Legit Security Announces New Partnership with Snyk
Cybersecurity firm Legit Security has announced a partnership with developer security leader Snyk. The collaboration aims to bridge the gap between security and development teams, improving productivity by contextualizing cybersecurity risks and prioritizing remediation to the most critical risks and applications. Legit Security's platform provides real-time security posture management and deep security issue context, allowing teams to rapidly prioritize security issues and accelerate their productivity, effectiveness, and collaboration. The partnership will also enable organizations to have visibility and security control over their development environments.
Legit Security's Open-Source Security Tool "Legitify" Adds Support for GitLab and GitHub Enterprise Server
Legit Security, a cybersecurity company, has announced the expansion of its open-source security tool, Legitify, to include GitHub Enterprise Server and GitLab. The tool helps security and software development teams detect and remediate insecure configurations and vulnerabilities in these popular source-code management (SCM) systems. The expansion comes in response to multiple requests from enterprise organizations. Legitify is designed to identify and address insecure SCM configurations in real-time, ensuring that both cloud and on-premise SCM implementations are secure and compliant. The tool's capabilities represent a subset of the broader security capabilities available on the enterprise-grade Legit Security Platform.
Legit Security Discovers "MarkdownTime", A Vulnerability in Markdown Services Affecting GitHub, GitLab and Countless Others
Legit Security, a cybersecurity company, has discovered a Denial-of-Service (DoS) vulnerability in Markdown libraries used by GitHub, GitLab, and other applications using a popular markdown rendering service called commonmarker. The vulnerability, dubbed MarkdownTime, allows an attacker to deploy a simple DoS attack that could disrupt application development pipelines globally. Legit Security has brought this vulnerability to the attention of the GitHub security team, which has acknowledged the issue and posted a fix. However, many other tools and services may also be susceptible to the same vulnerability.
Legit Security Discovers New Class of Development Pipeline Vulnerabilities; Open-Source Rust Programming Language Found Vulnerable
Legit Security, a cybersecurity company, has discovered a new class of software supply chain vulnerabilities that exploit artifact poisoning to attack software development pipelines. The vulnerability was found in GitHub Actions, a platform for orchestrating and automating software development pipelines, and was identified in the popular programming language Rust. The vulnerability could allow any GitHub user to replace legitimate development artifacts with malicious ones, enabling attackers to modify source code, steal secrets, and create wide-reaching software supply chain attacks. Rust acknowledged and fixed the vulnerability after initial disclosure by the Legit Security Research Team. However, many other GitHub Action projects remain potentially vulnerable.
Legit Security Selected for "Security Innovation of the Year" Award Shortlist
Cybersecurity firm Legit Security has been shortlisted for the Security Innovation of the Year Award in the 2022-2023 Cloud Awards program. The company, which provides software supply chain security and secure application delivery, competed against companies from the US, Canada, Australia, Europe, Israel, and the UK. The winners will be announced on February 7th, 2023. Legit Security's platform offers a unified application security control plane and automated SDLC discovery and analysis capabilities, providing visibility and security control over rapidly changing environments.
Legit Security Named Winner of Top InfoSec Innovator Award for 2022
Legit Security, a cybersecurity company that provides an enterprise platform to secure an organization’s software supply chain, has been named a winner of the Top InfoSec Innovator Awards for 2022. The company competed against many leading providers of cybersecurity products and services to win this award. The judges evaluated thousands of information security companies to find the most innovative solutions to the most challenging cybersecurity issues. Legit Security's platform helps organizations secure their software supply chains from attack and enables Application Security teams to improve efficiency, minimize their security workload, and prevent threats from reaching production environments.
Legit Security Is Named "Cloud Security Startup Of The Year" in the Cybersecurity Breakthrough Awards
Legit Security, a cybersecurity firm, has been named Cloud Security Startup of the Year in the Cybersecurity Breakthrough 2022 Awards. The awards aim to provide a comprehensive evaluation of cybersecurity companies and solutions. Legit Security was selected based on criteria including innovation, business impact, functionality, ease of use, and value. The company, which emerged from stealth mode on February 10, 2022, counts several Fortune 500 companies and leading cybersecurity firms among its customers. Legit Security's platform aims to secure the pre-production development environments of the software supply chain.
Legit Security Launches Open-Source Security Product to Enforce and Scale Secure GitHub Configurations
Cybersecurity company Legit Security has announced the launch of Legitify, an open-source security tool designed to secure GitHub implementations. The tool helps security teams and DevOps engineers manage and enforce their GitHub configurations securely and efficiently. It connects to GitHub via an access token, scans GitHub implementations to detect and list security issues, and integrates with OSSF Scorecard. The tool is expected to save time and reduce human error, particularly in larger and more complex GitHub implementations.
Legit Security Announces Support For New Compliance Frameworks To Increase Software Supply Chain Security And Integrity
Cybersecurity firm Legit Security has announced new capabilities for its platform, including real-time risk scoring, drift monitoring, and support for additional compliance frameworks. The update is in line with a growing number of regulations, including the President's Executive Order for improving national cybersecurity. The platform provides high visibility across a company's software development life cycle (SDLC) to reduce security threats. It also supports regulatory requirements spanning SOC2, SLSA, ISO27001, and the President's Executive Order 14028. The platform is designed to increase security efficiency and effectiveness by reducing application risk from Source Code Management (SCM) to production deployment.
Legit Security Is Named Rising Star As Part Of Forbes' Cloud 100 List
Cybersecurity firm Legit Security has been named one of the 20 Rising Stars in Forbes' 2022 Cloud 100 list, which ranks the top private cloud companies globally. The list is published in partnership with Bessemer Venture Partners and Salesforce Ventures. The Rising Stars are high-growth, category-leading cloud companies expected to join the Cloud 100 ranks. Legit Security's platform secures an organization’s software supply chain. The company has seen rapid adoption of its solution by enterprise customers.
Legit Security Announces Free Risk Assessment to Help Organizations Secure Themselves From Escalating Software Supply Chain Attacks
Legit Security, a cybersecurity company, has announced a free Rapid Risk Assessment to help organizations mitigate the risk of software supply chain cyberattacks, particularly in light of Russia's invasion of Ukraine. The risk assessment provides immediate insight into vulnerabilities across an organization's software supply chain and guidance on optimal security resource placement. The assessment is non-invasive and can be implemented in minutes via an agentless connection. The move comes as software supply chain attacks have increased 3x to 6x per year since the SolarWinds attack in 2020.
Legit Security raises $26.5 million Series A to protect software supply chains
Israeli cybersecurity startup Legit Security has raised $26.5m in a Series A funding round led by Bessemer Venture Partners and TCV. The company, which was founded in September 2020, has developed a solution to secure the software supply chain and development environments. The funding will be used to expand the company's sales teams in the US and its research team in Israel. Legit Security's solution maps all the tools and processes in the enterprise software system and applies an advanced security model at all relevant stages.