PALO ALTO, Calif., April 19, 2023 (GLOBE NEWSWIRE) — Legit Security, a cyber security company with an enterprise platform that protects an organization’s software supply chain from attack and ensures secure application delivery, today announces new code to cloud traceability and security capabilities that capture deep security issue context and business insights to drive faster remediation and security issue prioritization for enterprise security teams. These capabilities extend the company’s existing market leadership position in software supply chain security by providing broader and more automated security issue discovery, correlation and remediation capabilities from code creation to cloud delivery and runtime. By using the Legit Security platform, enterprise security teams can greatly improve their efficiency and effectiveness by leveraging critical insights and deep security issue context to cut through the noise and quickly remediate the security issues that matter most. More details on this latest capability can be found on the company’s blog.
Modern software applications are driven by a demand for continuous innovation that has led to the adoption of DevOps, agile development, and rapid software releases to the cloud. However, this has created a sprawling and rapidly changing attack surface that requires a coordinated, real-time approach to security that spans Application Security, Cloud Security and Software Development teams. Yet, these teams lack end-to-end visibility and context into how applications are really built and deployed so they can cut through high levels of security issue noise, prioritize application risks effectively, and collaborate efficiently so they can quickly remediate the most critical risks first.
The Legit Security platform is providing deep visibility into security vulnerabilities and risks from code creation, through software build automation, to runtime deployment so that security teams can easily collaborate and build trust with software development teams while scaling their security operations to meet the speed of development. Automated code to cloud traceability and security also provides critical capabilities to define and track secure application delivery benchmarks, to build secure pipelines with optimal security guardrail coverage across the software development lifecycle (SDLC), and to manage clear cut strategies for shifting security left to improve efficiency.
“Traditional application security lacks an understanding of code lineage and how applications are built and shipped, creating a huge gap in the ability to secure application delivery end-to-end, in real time, across all stages of the SDLC,” said Liav Caspi, CTO and co-founder of Legit Security. “Our code to cloud traceability closes this gap. We’re providing visibility, context and correlation of both applications and their risks to bridge together the worlds of Application Security, Cloud Security and Development, which is exactly what the market needs to get to the next level of effectiveness. We’re enabling enterprises to better understand and prioritize the real risks that vulnerabilities pose to their applications, how that risk originated, and how it moved through their SDLC and to the cloud.”
Legit Security’s code to cloud traceability works by tracking code from the time it’s written, across all its pre-production build stages and binary forms, to when it’s deployed to a runtime environment. The platform automatically discovers and maps the connections and dependencies between systems, code, artifacts, third parties, developers and cloud environments and tracks the pathways used by individual application releases. This allows organizations to see where vulnerabilities in code will ultimately be deployed and also where vulnerabilities discovered in runtime originated in the SDLC, so that teams can quickly understand their ultimate impact and prioritize remediation for the most critical threats.
For more information on the Legit Security platform’s code to cloud capabilities, please visit our blog. To learn more about Legit’s broader platform capabilities spanning software supply chain security, unified application security control plane, and regulatory compliance and continuous assurance, please visit https://www.legitsecurity.com.
About Legit Security
Legit Security protects an organization’s software supply chain from attack and ensures secure application delivery, governance and risk management from code to cloud. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.