Announcing Legit Security: The Story Behind Our Mission

I'm excited to share that Legit Security is officially launching out of stealth mode. While in stealth, we’ve been incredibly busy acquiring our current customers, building a platform for demanding enterprise environments, and securing funding from top-tier investors. We’ve already grown significantly as a company, including new offices in the U.S. and Israel and a greatly expanded team, as well as connected with so many valued customers, partners, investors, and advisors. But this is just the beginning, which is a realization that is both humbling and extremely exciting. 

Now that we’re out of stealth, I wanted to share why we created Legit Security and why we are so passionate about our mission. I’ll start by sharing a little about the co-founders and the extremely talented team we’ve assembled in a short period of time. 

Built for the DevSecOps Era

I’ve known co-founders Liav and Lior (pictured above) for many years beginning in the Israeli Defense Forces at Unit 8200. We gained invaluable experience there, but perhaps most important was learning that “anything is possible” in cybersecurity with the right talent, focus, and resources. 

After our military service, we worked in leading cyber security companies across Israel and recognized a growing gap between traditional AppSec tools and a new generation of rapidly evolving, modern software development environments. The gap was growing and traditional security tools and vendors were not catching up. 

Because of the adoption of agile development, cloud, and modern development pipelines, the approach needed to secure software releases was fundamentally changing. It's no longer just about “the code”. Software is now assembled in multiple steps across a supply chain leveraging many trusted contributors, pulling artifacts from countless repositories, built and assembled on underlying infrastructure that must be securely configured, and all the while providing speed, agility, and efficiency. These modern supply chain environments created a sprawling new attack surface - one that is increasingly exploited by over 2x-6x a year, depending upon the analyst, government agency, or vendor report you read. 

Thinking Holistically to Secure the Broader SDLC Environment

We had spent years building security solutions that scan code, and we saw that was clearly no longer enough. The world doesn't need another code scanner. The only way to secure modern software supply chain environments was a new solution approach that holistically enforced secure development policies and guardrails across the SDLC environment itself.

We founded Legit Security to address just that. We spent over a year in stealth building a platform and assembling the strongest team of Software Security experts across the U.S. and Israel, all sharing the same vision - bringing trust back to modern software releases. 

During this time, we were thrilled to see it quickly adopted by many organizations - from Fortune 500 companies to fast-moving software-driven businesses. What was common to all was using Legit to immediately get full visibility and control over what was actually going on across their software supply chain environments, spanning pipelines, infrastructure, code, and people. As one of our customers said, "I can't protect what I don't know", and Legit was now providing the visibility, security, and continuous assurance they lacked.

Our Vision Now Shared with Top-Tier VCs

During the last year, we also partnered with some of the world's leading investors and VCs - including Bessemer, TCV, and Cyberstarts. I’m thrilled they share the same vision for the future of software supply chain security, and that Legit is now so well positioned with the talent, focus, and resources for success. 

If you also share the same vision or want to learn more about Legit Security - feel free to reach out.

Published on January 28, 2022