Legit Security Brings a Needed Layer of Protection to the SDLC Pipeline

Austin, Texas, 5th June 2022, ZEXPRWIRE, Cybercrime has appeared more frequently in the news cycle over the past five years. Malicious software and attacks have only grown more sophisticated, and each new development cuts through enterprise defenses to capitalize on vulnerabilities that plague businesses worldwide. In total, the global market has already experienced a $1 trillion loss due to cybercrime. Business leaders worry about the security and fidelity of their software releases and their internal software development processes because of the compounding financial and reputational losses, but many don’t know how to best minimize their risks. 

Legit Security, an enterprise-level cybersecurity solutions company, is bringing a modern approach to the application security market. The company shields end-to-end software supply chain environments by automatically detecting vulnerabilities and securing an organization’s software pipelines, infrastructure, code, and people so that businesses can stay safe while releasing software fast. Legit Security’s ready-to-implement SaaS security platform supports cloud and in-house resources and combines automated discovery and analysis with hundreds of security policies developed by industry experts with real-world SDLC security experience.

The company has made a significant early impact by providing businesses with a free Rapid Risk Assessment, which goes through an organization’s entire software supply chain and returns a detailed report on any vulnerabilities and suspicious activity discovered within their code and infrastructure.

“Legit provides a single pane of glass to mitigate software development risk,” said Bob Durfee, Head of DevSecOps at Takeda Pharmaceutical Company. “We’re now able to inventory all our SDLC systems and security tools, view developer activity, and detect and remediate vulnerabilities across them fast. Legit’s security scoring also allows me to measure the security posture of different teams and show progress improving it.”

According to the Verizon Business 2022 Data Breach Investigation Report (2022 DBIR), supply chain breaches were responsible for 62% of system intrusion incidents this year. Legit Security is countering this growing risk category by providing solutions to companies across a variety of industry verticals, including financial services, healthcare and pharmaceuticals, retail, e-commerce, and technology.

“Legit helps us secure our CI/CD pipelines including tracking the security posture of our different teams and workspaces, addressing SDLC configuration drifts, and helping us apply security resources where it can help us most,” said Erik Bataller, VP of Security, ACV Auctions. “Legit’s platform enables our developers to maintain high velocity with minimal security friction and allows us to identify risk factors and adjust accordingly.”

Legit Security not only helps businesses protect themselves through their SaaS solution, but also through responsible disclosure and documentation of new security vulnerabilities discovered in the wild. The company keeps a pulse on the quickly expanding world of software supply chain security and is an active participant in standards bodies and industry organizations dedicated to bettering secure software development and the software supply chain, including but not limited to OpenSSF and the Linux Foundation. Just last month, Legit Security discovered a crucial vulnerability in the GitHub-Actions privilege escalation pipeline and responsibly disclosed this risk to the community.

“Attacks on software supply chains are estimated to increase between 3-6X per year and are a global threat,” said Liav Caspi, CTO of Legit Security. “We look forward to working with OpenSSF to publish security research and contribute tools and code for more secure software delivery and consumption across the entire community.”

Co-founders Roni Fuchs, Liav Caspi, and Lior Barak began their work on Legit Security in Israel, and they wanted to put an emphasis on business risk management and a single pane of glass to secure the broader software supply chain environment. The company launched out of stealth development in February 2022 with top-notch venture capital investors.

For more information on Legit Security and their leadership position in this growing category of application security, please visit https://www.legitsecurity.com/.

Media Contacts

Name – Dex Tovin
Company – Legit Security
Country – U.S.
City and State – Austin, Texas

Published On: June 5, 2022