Legit Security helps us secure our product's code pipeline. As a company developing cybersecurity products for other companies' defense, it's crucial for our products to be free of security defects. A nightmare scenario would be if a product we sold was used by malicious actors to harm the very company we intended to help. To achieve this balance between security and agility, we utilize two products: Legit Security and Snyk. Snyk focuses on securing the application code itself, while Legit Security secures the entire pipeline, encompassing the code building, shipping, and delivery processes. At the time, Legit Security was the only product we could find that specifically focused on the security of the software delivery pipeline itself. The SolarWinds breach highlighted this critical need, as Russian actors tampered with the actual pipeline that delivered SolarWinds software. This allowed them to inject their malicious code into the final product. Consequently, we were highly motivated to find a solution that could help us secure our pipeline.
What started as code supply chain security rapidly expanded into application security posture management. Our use case is verifying and using it to ensure our developers are coding in a secure manner. We have about 300 different developers. I have 15 members of my security team, five of whom are on the ASM team and use Legit Security on a daily basis. Legit is deployed on the AWS cloud presence.
We're leaning into Legit to be the management plan across our SDLC. We use it for the enforcement of policies, ingestion of results from other scanning tools, and creating our SBOM. It's the central point of visibility, prioritization, and orchestration for our software development.
Legit Security provides an application security posture management platform that secures application delivery from code to cloud and protects an organization's software supply chain from attack. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team...