TEL AVIV, Israel, Feb. 10, 2022 (GLOBE NEWSWIRE) — Legit Security, a cyber security company with an enterprise SaaS solution to secure an organization’s software supply chain, today announced its launch out of stealth mode with a Series A $30 million funding announcement with leading venture capital firms Bessemer Venture Partners and TCV. Prior seed funding was provided by CyberStarts, the premier cybersecurity venture capital firm in Israel. Legit Security protects software supply chains from attack by automatically discovering and securing the pipelines, infrastructure, code and people so that businesses can stay safe while releasing software fast. The company will use the funds to expand its engineering team and continue building its go-to-market organization in the United States with offices in Austin and Palo Alto.
According to Gartner®, 45% of organizations worldwide will have experienced attacks on their software supply chains by 2025, a three-fold increase from 2021. Companies can no longer rely solely on traditional security tools and code scanners for protection as more organizations adopt modern applications, agile development, and DevOps. These complex software supply chains at the heart of digital business and critical infrastructure are now prime targets for cyber-attacks, and require new security solutions.
“Enterprises increasingly rely on software to do business, and they’re adopting cloud, DevOps, CI/CD and agile techniques to move fast,” said Roni Fuchs, CEO of Legit Security. “However, this has created a huge new, unprotected attack surface that cybercriminals have targeted, and their attacks are escalating. Right now, enterprises don’t need another code scanner. They need a holistic security solution for the broader software supply chain environment. That’s why we founded Legit Security and brought on world-class cybersecurity experts that share the same vision.”
“Legit provides a single pane of glass to mitigate software development risk,” said Bob Durfee, Head of DevSecOps at Takeda Pharmaceutical Company. “We’re now able to inventory all our SDLC systems and security tools, view developer activity, and detect and remediate vulnerabilities across them fast. Legit’s security scoring also allows me to measure the security posture of different teams and show progress improving it.”
Legit Security helps companies protect their end-to-end software supply chain environment and software releases through automated vulnerability discovery and analysis, security policy enforcement, and continuous assurance. The platform scans software development pipelines for gaps and leaks, development infrastructure and systems within those pipelines, and the people and their security hygiene as they operate within it. The solution doesn’t interfere with existing development tools and workflows, and includes continuous assurance and governance capabilities to monitor adherence to regulatory requirements and compliance frameworks in real-time.
“Legit helps us secure our CI/CD pipelines including tracking the security posture of our different teams and workspaces, addressing SDLC configuration drifts, and helping us apply security resources where it can help us most,” said Erik Bataller, VP of Security, ACV Auctions. “Legit’s platform enables our developers to maintain high velocity with minimal security friction and allows us to identify risk factors and adjust accordingly.”
“Legit is providing us with visibility across the entire supply chain, which helps us minimize risk and raise analyst productivity,” said James Robinson, Deputy Chief Information Security Officer at Netskope. “Legit’s platform nicely complements our existing investments in application security tools and allows us to make better decisions in allocating our security controls and resources.”
“Legit Security’s platform visualizes and analyzes our software pipelines quickly to help ensure security compliance with regulatory frameworks, as well as the unique compliance requirements of some of our large financial services partners,” said Or Cohen, Principal Engineer at Melio. “Legit’s solution saves us time and resources and allows us to manage risk better.”
“Software supply chain attacks will continue to grow until new solutions are available to close diverse security gaps across these environments,” said Amit Karp, Partner at Bessemer Venture Partners. “We love how Legit developed an enterprise solution that is easy to deploy and delivers value in a couple hours.”
Legit Security is led by CEO Roni Fuchs, CTO Liav Caspi, and VP of R&D Lior Barak and has assembled a team of security experts from the renowned Israeli Defense Force’s Unit 8200, Checkmarx, Ping Identity, Duo/Cisco, Microsoft and other leading cybersecurity firms in the U.S. and Israel. For more information, visit legitsecurity.com.
About Legit Security
Legit Security protects software supply chains from attack by automatically discovering and securing the pipelines, infrastructure, code and people so that businesses can stay safe while releasing software fast. Legit provides an easy to implement SaaS solution that supports both cloud and on-premises resources and combines automated discovery and analysis capabilities with hundreds of security policies developed by industry experts with real-world SDLC security experience. This integrated solution keeps your software factory secure and provides continuous assurance that your applications are released without vulnerabilities.
Tony Keller, Legit Security
Katja Gagen, TCV