Customer Stories

Noname Security

Download Case Study


Despite the moniker, Noname Security is making a big name for themselves in the world of API security by protecting some of the world’s largest organizations from API-based attacks. And as a developer of SaaS solutions, they’re no strangers to the challenges organizations face in maintaining a rapid pace of innovation while continuously enforcing secure software delivery. As Karl Mattson, Noname’s CISO, says, “Security begins with us.”

In order to maintain the trust Noname’s customers have in their ability to protect them from API-based attacks, Karl and his team employ a wide range of open-source and off-the-shelf security solutions. And while these solutions deliver critical insights to the Noname security team, they are oftentimes difficult to use, noisy, and limited to point-in-time insights. Karl needed a solution that would cut through the noise and give him and his team holistic visibility and security across their entire SDLC.

Noname Security Office

Solution Requirements

  • Pre-production application visibility and security
  • Ease-of-use and deployment
  • Noise reduction
  • Improved collaboration
  • Faster mean time to remediation
  • Demonstrable application security posture management

How Collaborative Application Security Drives Better Business Outcomes For Noname

Karl needed a solution that would deliver high-quality, actionable data about critical vulnerabilities, misconfigurations and other risks to the software developers and DevOps engineers, without inundating them with false positives and alerts about expired SLAs. 

Meaningful visibility across the SDLC is exactly what Legit Security delivers for Karl and the rest of the Noname team. Legit integrates with Noname’s SDLC stack and application security toolset, with the AppSec team setting up policies, alerts and workflows to automatically analyze vulnerability and risk data, and to prioritize what needs to be addressed first. And Legit delivers continuously updated visibility into their application security posture, including SBOMs when requested. Noname is able to quickly demonstrate product security for prospective customers, freeing up time to stay focused on rapid secure software delivery and maintain their competitive edge.

Legit Value

  • End-to-end SDLC visibility
  • Demonstrable AppSec reporting
  • Improved collaboration
  • Reduced noise and risk-based prioritization
  • Faster and more secure application delivery

The Legit Solution

Legit’s ability to deliver deep visibility across the entire SDLC benefits Noname Security in many ways, both internal and external. The Noname application security team has a more collaborative risk remediation process with developers and DevOps by delivering higher-quality vulnerability detail and context that reduces noise and accelerates remediation. And Noname can now quickly generate critical information about their application security posture in minutes rather than days. Legit Security gives them the tools they need to improve secure software delivery and help close new business while reducing costs.

Benefits of a Secure SDLC Foundation
Legit provides a powerful tool for the security team(s) who leverage it for application security as well as SDLC oversight to provide an informed advisory perspective to other teams.

More collaborative application security with developer teams leveraging the platform’s risk scoring and deeper contextual information.


Smarter vulnerability management supported by observability and context across the SDLC to effectively prioritize security issues.


Continuous assurance and risk mgmt by identifying, prioritizing and remediating vulnerabilities that protect the business and meet compliance requirements.


Costs savings and productivity gains through automation and operational efficiencies that enable highly trained SMEs to focus on more strategic tasks.

Download the case study for details on how Legit Security helped Noname Security address its secure application delivery challenges.