News & Press Releases

  • SecurityBoulevard
    news

    Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks

    May 23, 2024

    There are significant security concerns in the deployment of leading large language models (LLMs), according to a study from the U.K. AI Safety Institute (AISI). The takeaway: The built-in safeguards in five LLMs released by major labs are ineffective.

  • Press Release - Legit Security
    press releases

    Legit Security Named a “Representative Vendor” in the Gartner® Market Guide for DevOps Continuous Compliance Automation Tools

    May 16, 2024

    Legit Security Named a “Representative Vendor” in the Gartner® Market Guide for DevOps Continuous Compliance Automation Tools

  • CRN - The Channel Co
    news

    12 Cybersecurity Startups To Watch From RSAC 2024

    May 9, 2024

    Numerous early-stage vendors—including in fast-growing areas such as cloud security and identity security—showcased at RSAC 2024 this week.

  • Security Week
    news

    RSA Conference 2024 – Announcements Summary (Day 2)

    May 8, 2024

    To help cut through the clutter, the SecurityWeek team is publishing a daily digest summarizing some of the announcements made by vendors. Here is a roundup of some of the most important new product, service and research announcements made on the second day of the event.

  • CSO
    news

    Most interesting products to see at RSAC 2024

    May 7, 2024

    Tools, platforms, and services that the CSO team recommends 2024 RSA Conference attendees check out. Themed the Art of Possible, the 2024 RSA Conference takes place between 6 and 9 of May and will offer insights into the latest trends, how to master new skills, and more.

  • Press Release - Legit Security
    press releases

    Legit Security Bolsters AI Supply Chain Security with Risky Model Detection

    May 7, 2024

    Legit Security's new features enable companies to discover unsafe AI models in the software development pipeline for secure code.

  • The IT Nerd Blog
    news

    Legit Security Releases Industry’s First Software Compliance and Attestation Trust Center

    April 30, 2024

    Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced extended software compliance, audit, and attestation support with the release of the industry’s first software compliance and attestation trust center.

  • Press Release - Legit Security
    press releases

    Legit Security Releases Industry’s First Software Compliance and Attestation Trust Center

    April 30, 2024

    Legit Security expands capabilities to support compliance, audit, and attestation, empowering organizations to prove software compliance faster with the most comprehensive control validation platform.

  • Security Magazine
    news

    New research discovers vulnerability in an archived Apache project

    April 23, 2024

    Research from Legit Security has disclosed a vulnerability in an archived Apache project. The vulnerability discovered was a dependency confusion, otherwise known as dependency hijacking or substitution attack.

  • The IT Nerd Blog
    news

    New Dependency Confusion Vulnerability Discovered In Archived Apache Project

    April 23, 2024

    Legit Security has disclosed that its research team has recently discovered a dependency confusion, aka dependency hijacking or substitution attack, vulnerability in an archived Apache project.

  • The Hacker News
    news

    Apache Cordova App Harness Targeted in Dependency Confusion Attack

    April 23, 2024

    Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness.

  • InfoSecurity Magazine
    news

    Dependency Confusion Vulnerability Found in Apache Project

    April 23, 2024

    According to new data by Legit Security, who made the discovery, the finding underscores the importance of scrutinizing third-party projects and dependencies.

  • Press Release - Legit Security
    press releases

    Legit Security and Wiz Partner to Deliver Comprehensive Security and Visibility from Code to Cloud

    April 23, 2024

    Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced its partnership with Wiz, the industry's leading cloud security provider.

  • The IT Nerd Blog
    news

    Legit Security Now Offered Through GuidePoint Security

    April 18, 2024

    Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced a strategic reseller partnership with GuidePoint Security, the leading cybersecurity solution provider that empowers organizations to make smarter decisions and minimize risk.

  • Global Security Magazine
    news

    Legit Security Now Offered Through GuidePoint Security

    April 18, 2024

    Legit Security announced a strategic reseller partnership with GuidePoint Security, the leading cybersecurity solution provider that empowers organizations to make smarter decisions and minimize risk.

  • Press Release - Legit Security
    press releases

    Legit Security Now Offered Through GuidePoint Security

    April 17, 2024

    Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced a strategic reseller partnership with GuidePoint Security, the leading cybersecurity solution provider that empowers organizations to make smarter decisions and minimize risk.

  • MSSP Alert
    news

    MSSP Market News: Nozomi Networks, Tenable, Everfox, Microsoft

    March 13, 2024

    Each business day MSSP Alert delivers a quick lineup of news, analysis and chatter from across the MSSP, MSP and cybersecurity world.

  • Reversing Labs
    news

    7 ways to put your code on a diet — and improve AppSec in the process

    March 20, 2024

    Code bloat is at the root of many security problems. Here's how development teams can bolster application security with more efficient code.

  • The IT Nerd Blog
    news

    Legit Security Launches AI-Powered, Enterprise-Grade Secrets Scanning Product

    March 26, 2024

    Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline.

  • Helpnet Security
    news

    Legit Security launches enterprise secrets scanning solution

    March 26, 2024

    Legit Security has unveiled its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline. An AI-powered solution that enables secrets discovery beyond source code, Legit’s offering is built to meet the needs of even the most complex development organizations.

  • MSSP Alert
    news

    MSSP Market News: Legit Security, Claroty, Axonius

    March 26, 2024

    Each business day MSSP Alert delivers a quick lineup of news, analysis and chatter from across the MSSP, MSP and cybersecurity world.

  • DevPro Journal
    news

    How to Take Software to Market Fast and With Minimal Security Risks

    March 26, 2024

    Software is a crucial business driver for most companies today, meaning software development needs to be lightning-fast. To maintain both speed and security, many companies now integrate automated security tests such as static analysis and software composition analysis (SCA) early in the development process, eliminating costly code fixes later on.

  • Federal News Network
    news

    Why selling software to the government is like visiting a confessional booth

    March 27, 2024

    Final rules have kicked in for companies selling software to the government. They must now attest to the fact that they used secure development practices. Their reference must be the Secure Software Development Framework from the National Institute of Standards and Technology.

  • Press Release - Legit Security
    press releases

    Legit Security Launches AI-Powered, Enterprise-Grade Secrets Scanning Product

    March 26, 2024

    Legit Security, the leading application security posture management (ASPM) platform that enables secure application delivery, today announced an AI-powered solution that enables secrets discovery beyond source code. Legit’s offering is built to meet the needs of even the most complex development organizations.

  • Bank Info Security
    news

    Experts Say CISA's Software Attestation Form Lacks Key Parts

    March 13, 2024

    The U.S. federal government's secure software development self-attestation form for manufacturers takes bold steps towards securing the supply chain but lacks key components that should be incorporated into iterative versions of the document, experts told Information Security Media Group.

  • MSSP Alert
    news

    MSSP Market News: Nozomi Networks, Tenable, Everfox, Microsoft

    March 13, 2024

    Legit Security, an application security posture management (ASPM) platform provider, has appointed Justin Bradley as the company’s new vice president of Customer Success. Bradley spent a majority of his career at CyberArk, where he created and grew the global customer success team. He will scale Legit Security’s customer success team to bolster customer expansion, cross-selling and retention, the company said.

  • Press Release - Legit Security
    press releases

    Legit Security Strengthens Leadership Team to Drive Customer Success

    March 12, 2024

    Legit Security, the leading application security posture management (ASPM) platform that enables secure application delivery, today announced the expansion of its senior leadership team, appointing Justin Bradley as the company’s new Vice President of Customer Success.

  • SC Media
    news

    How teams can make use of the White House report on secure and measurable software

    March 7, 2024

    The White House Office of the National Cyber Director (ONCD) released a report last week on how the industry can get on a path to secure and measurable software. ONCD’s report highlights two areas that would improve software security and calls on the technical community to take steps to address them. The first starts with the use of memory-safe programming languages, the other focuses on the development of diagnostics to measure cybersecurity quality.

  • Forbes
    news

    Roni Fuchs Co-Founds Legit Security To Protect Software Supply Chain

    March 6, 2024

    Roni Fuchs grew up in Jaffa, a tough neighborhood in Tel Aviv, Israel where he learned the value of hard work, exposed to technology at an early age by his Romanian immigrant and engineer father.

  • Helpnet Security
    news

    Using AI to reduce false positives in secrets scanners

    February 27, 2024

    As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication.

  • Press Release - Legit Security
    press releases

    Legit Security Releases Industry’s First AI Discovery Capabilities

    February 13, 2024

    Legit Security announced the availability of the cybersecurity industry’s first AI discovery capabilities today. With these new capabilities, Legit helps bridge the gap between security and development by enabling CISOs and AppSec teams to understand where and when AI code is used and take action to ensure proper security controls are in place - without slowing software delivery.

  • Press Release - Legit Security
    press releases

    Legit Security Delivers AI-Powered Accuracy to Secrets Scanning

    January 23, 2024

    Legit Security today announced expanded and AI-powered capabilities to detect and protect secrets across the software development pipeline. With secrets at the heart of enabling applications to operate, understanding where they exist – beyond hard-coded secrets and source code - and preventing secrets from leaking is paramount.

  • GlobeNewswire
    press releases

    Legit Security Announces Historic 2023 Year-End

    January 10, 2024

    Legit Security announced that 2023 delivered the most successful year in the company’s history, including most recently being named to the Fortune Cyber 60 list of the most important venture-backed startups.

  • CisionPrNewswire
    press releases

    Legit Security Secures $40 Million Series B Investment Led by CRV

    September 20, 2023

    Legit Security, a cyber security company with an enterprise Application Security Posture Management (ASPM) platform, has successfully closed a $40 million venture capital round investment led by CRV with participation from existing investors Cyberstarts, Bessemer Venture Partners, and TCV.

  • CisionPrNewswire
    press releases

    Legit Security Announces Integration with CrowdStrike to Bring Application Security Posture Management to Customers

    August 1, 2023

    Legit Security announced a partnership with CrowdStrike, a global leader in cloud-delivered protection of endpoints, cloud workloads, identity, and data protection. With this partnership, Legit Security integrates with the CrowdStrike Falcon® platform to provide extended application security, auto-discovery, and vulnerability management. Leveraging the two solutions, customers can automatically trace cloud application vulnerabilities back to their code origin and more rapidly prioritize and remediate security issues leveraging deep application context.

  • Yahoo
    press releases

    Legit Security Discovers and Helps Remediate CI/CD Vulnerabilities in Google Open-Source Projects

    July 18, 2023

    Legit Security announced that it discovered Continuous Integration/Continuous Delivery (CI/CD) security vulnerabilities in open-source projects from Google. The Legit Security Research Team found a vulnerability leveraging "GitHub environment injection" that allows attackers to take control of a vulnerable project's GitHub Actions CI/CD pipeline.

  • GlobeNewswire
    press releases

    Legit Security Wins 7 Industry Awards As RSA Conference Wraps Up

    May 2, 2023

    Legit Security announced that it has won seven industry awards for its innovative cybersecurity solution. The company joins a rare group of companies that are broadly and consistently recognized for their innovation and market leadership from a consensus of leading cybersecurity experts and judges.

  • GlobeNewswire
    press releases

    Legit Security Extends Platform Capabilities for Code to Cloud Visibility and Security

    April 19, 2023

    Legit Security today announces new code to cloud traceability and security capabilities that capture deep security issue context and business insights to drive faster remediation and security issue prioritization for enterprise security teams. These capabilities extend the company’s existing market.

  • GlobeNewswire
    press releases

    Legit Security Announces New Partnership with Snyk

    April 12, 2023

    Legit Security announced a partnership with Snyk, the leader in developer security. Together, Legit Security and Snyk help bridge the gap between security and development teams by scaling-up security from code to cloud through the combination of secure code and secure application delivery...

  • GlobeNewswire
    press releases

    Legit Security Uncovers Remote Code Execution Vulnerability in Microsoft’s Azure Pipelines, Posing Serious Risks to Software Supply Chains

    April 4, 2023

    Legit Security today announced that it has uncovered a remote code execution vulnerability in Microsoft’s Azure Pipelines. The vulnerability allows attackers to exploit Microsoft’s Azure DevOps Servers to initiate software...

  • GlobeNewswire
    press releases

    Legit Security Adds Support For More Regulatory Compliance Frameworks To Strengthen Software Supply Chain Security

    March 22, 2023

    Legit Security today announces support for additional regulatory compliance frameworks and standards to improve software supply chain security, including ISO 27001, SSDF, FedRAMP, SLSA, NIST, SBOM, and SOC2...

  • GlobeNewswire
    press releases

    Legit Security’s Open-Source Security Tool “Legitify” Adds Support for GitLab and GitHub Enterprise Server

    January 26, 2023

    Legit Security today announced that Legitify, the open-source security tool that it maintains in addition to its enterprise SaaS platform, has expanded support to include GitHub Enterprise Server and GitLab...

  • GlobeNewswire
    press releases

    Legit Security Discovers “MarkdownTime”, A Vulnerability in Markdown Services Affecting GitHub, GitLab and Countless Others

    January 19, 2023

    Legit Security today announced that it discovered an easy to exploit Denial-of-Service (DoS) vulnerability in Markdown libraries used by GitHub, GitLab and countless other applications using a popular...

  • GlobeNewswire
    press releases

    Legit Security Discovers New Class of Development Pipeline Vulnerabilities; Rust Programming Language Vulnerable

    December 8, 2022

    Legit Security today announced that it discovered a new class of software supply chain vulnerabilities that leverage artifact poisoning to attack underlying software development pipelines...

  • MENAFN
    press releases

    Legit Security Selected For Security Innovation Of The Year Award Shortlist

    December 6, 2022

    Legit Security today announced it has been shortlisted for the “Security Innovation of the Year” Award for the 2022-2023 Cloud Awards program. Legit Security competed against companies across the US, Canada, Australia, Europe, Israel, and the UK in an international awards program...

  • Yahoo
    press releases

    Legit Security Named Winner of Top InfoSec Innovator Award for 2022

    October 27, 2022

    Legit Security has been named a winner of the Top InfoSec Innovator Awards for 2022. Judges looked at thousands of information security companies to search for those with the most innovative solutions to some of the most challenging cybersecurity issues facing the marketplace today...

  • Yahoo
    press releases

    Legit Security named "Cloud Security Startup of The Year" in the Cybersecurity Breakthrough Awards

    October 6, 2022

    Legit Security has been named “Cloud Security Startup of the Year” in the Cybersecurity Breakthrough 2022 Awards. The awards program aims to provide the most comprehensive evaluation of cybersecurity solutions...

  • GlobeNewswire
    press releases

    Legit Security Launches Open-Source Security Product to Enforce and Scale Secure GitHub Configurations

    October 5, 2022

    Legitify is a GitHub misconfiguration scanner that helps security teams and DevOps engineers manage and enforce their GitHub configurations in a secure and scalable way. Legitify is a cross-platform security tool that works with Windows, Mac, and Linux and...

  • Benzinga
    press releases

    Legit Security Announces Support For New Compliance Frameworks To Increase Software Supply Chain Security And Integrity

    August 10, 2022

    In accordance with a growing number of regulations including the President's Executive Order for improving the nation's cybersecurity, the latest Legit Security platform update addresses a wide range of...

  • GlobeNewswire
    press releases

    Legit Security Is Named Rising Star As Part Of Forbes’ Cloud 100 List

    August 9, 2022

    Legit Security is named one of 20 Rising Stars as part of the seventh-annual Forbes 2022 Cloud 100 list. The Cloud 100 List is a definitive list of the top private cloud companies in the world, published by Forbes in partnership with Bessemer Venture Partners and Salesforce Ventures. “We are deeply honored to...

  • GlobeNewswire
    press releases

    Legit Security Discovers GitHub Privilege Escalation Vulnerability and Warns Organizations To Protect Themselves From Potential Software Supply Chain Attacks

    April 12, 2022

    Legit Security today announced the responsible disclosure of recently found GitHub-Actions pipeline privilege escalation vulnerabilities. These vulnerabilities...

  • GlobeNewswire
    press releases

    Legit Security Announces Free Risk Assessment to Help Organizations Secure Themselves From Escalating Software Supply Chain Attacks

    February 28, 2022

    Legit Security today announced a free Rapid Risk Assessment to help organizations proactively mitigate the risk of crippling software supply chain...

  • Yahoo
    press releases

    Legit Security Launches Out of Stealth with Series A Investment to Secure Software Supply Chains

    February 10, 2022

    Legit Security announced its launch out of stealth mode with a Series A $30 million funding announcement with leading venture capital firms Bessemer Venture Partners and TCV. Prior seed funding was provided by...

  • CisionPrNewswire
    press releases

    Legit Security Expands Platform Capabilities for Application Security Posture Management

    August 22, 2022

    Legit Security announced expanded capabilities to provide comprehensive visibility into an application's security posture, including deep contextual insights and automated detection-to-remediation workflows so enterprises can release software fast while protecting against evolving threats.

  • Axios
    news

    Microsoft's latest flaw hits open-source projects

    January 30, 2024

    A team of security researchers has uncovered a flaw in Microsoft's code development and testing environment that could affect upward of 70,000 open-source projects, according to a report first shared with Axios.

  • DevOps
    news

    Legit Security Applies AI to Detect Vulnerable Application Secrets

    January 23, 2024

    Legit Security today announced it has expanded the scope of its application security posture management (ASPM) platform to make use of artificial intelligence (AI) to discover secrets more accurately in applications that cybercriminals can actually exploit.

  • DarkReading
    news

    First Step in Securing AI/ML Tools Is Locating Them

    January 19, 2024

    Security teams need to start factoring for these tools when thinking about the software supply chain. After all, they can't protect what they don't know they have.

  • Fortune Magazine
    news

    Fortune Cyber 60

    January 10, 2024

    Ask any CEO about the biggest risks to their business, and cybersecurity is sure to be near the top of the list. Fortune teamed up with Lightspeed Venture Partners to identify the fastest-growing startups in this critical field.

  • The Information
    news

    Legit Security Uncovers Supply Chain Weakness in Popular Hugging Face Repository

    December 7, 2023

    Over the past year, we’ve seen plenty of examples of large language models spitting out worrisome content, from encouraging users to harm themselves to providing them with instructions on how to build bombs.

  • SecurityBoulevard
    news

    Legit Discovers “AI Jacking” Vulnerability in Popular Hugging Face AI Platform

    October 23, 2023

    Our research revealed how attackers could leverage Hugging Face, the popular AI development and collaboration platform, to carry out an AI supply chain attack that could impact tens of thousands of developers and researchers.

  • TechCrunch
    news

    Legit Security lands $40M to lock down apps and dev environments

    September 20, 2023

    Legit Security, a cybersecurity company developing a platform to identify app vulnerabilities from code, has raised $40 million in a Series B funding round led by CRV with participation from Cyberstarts, Bessemer Venture Partners and TCV.

  • SecurityBoulevard
    news

    What is Application Security Posture Management – Insights Into Gartner’s® New Report

    May 15, 2023

    On May 5th, Gartner published an Innovation Insights Report that outlines the latest evolution in AppSec– Application Security Posture Management (or ASPM for short). ASPM is something that we at Legit Security have been pioneering for over a year – a revolution in the way modern application security can be done more...

  • TechTarget
    news

    Azure Pipelines vulnerability spotlights supply chain threats

    May 30, 2023

    Legit Security researchers discovered a remote code execution flaw within Microsoft's Azure DevOps platform that could give threat actors complete control of development pipelines. Researchers with Israeli startup Legit Security discovered a vulnerability in Microsoft Azure Pipelines that could let threat actors submit...

  • GRC Outlook
    news

    GRC Outlook - Ensuring Application Integrity and Compliance

    March 1, 2023

    The world today is getting more dependent on technology all around us. Every application that businesses today rely on might have a security loophole that attackers can effectively utilize to harness confidential information, disrupt business operations, or use as a stepping stone for broader attacks.

  • venturebeat
    news

    Denial of Service Vulnerability Found in Libraries used by GitHub & Others

    January 17, 2023

    In a recent development, Legit Security today announced its discovery of an easy-to-exploit DoS vulnerability in markdown libraries used by GitHub, GitLab and other applications, using a popular markdown rendering service called commonmarker...

  • Hackaday
    news

    GitHub Actions, Sha-1 Retirement, And A Self-worming Vulnerability

    December 23, 2022

    It should be no surprise that running untrusted code in a GitHub Actions workflow can have unintended consequences. It’s a killer feature, to automatically run through a code test suite whenever a pull request is opened. But that pull request is run in some part...

  • TheNewStack
    news

    GitHub Actions Were Vulnerable to Rust Artifact Poisoning

    December 12, 2022

    A new class of software supply chain vulnerability in GitHub Actions and Rust leverages artifact poisoning to attack the underlying software development pipelines. People are way too inclined to believe that just because some program, language, operating system...

  • DarkReading
    news

    Artifact Poisoning in GitHub Actions Imports Malware Into Software Pipelines

    December 1, 2022

    Legit Security researchers discovered that attackers submitting changes to an open-source repository on GitHub could cause downstream software projects to compile updates with malicious code. ...

  • EnterpriseViewpoint
    news

    Legit Security: Redefining the Future of Software Supply Chain Security

    November 28, 2022

    Most organizations’ development teams don’t have a fully resourced and dedicated security team, making it a challenging task to get rid of all vulnerabilities and deliver secure software. This is where Legit Security comes into the picture with a mission to secure applications at scale...

  • venturebeat
    news

    How scanning GitHub helps secure open-source software supply chains

    October 3, 2022

    Legitify is an open-source GitHub configuration scanner from Legit Security that helps security teams and DevOps engineers manage and enforce their GitHub configurations in a secure and scalable way.

  • GRC Viewpoint
    news

    Software Supply Chain Security and the Rapidly Evolving Regulatory Landscape

    September 19, 2022

    All you need to know about software supply chain security and the rapidly evolving regulatory landscape, including who is most affected...

  • Yahoo
    news

    Legit Security Discovers and Helps Remediate Software Supply Chain Vulnerabilities in Google Firebase & Apache Open-Source Projects

    September 14, 2022

    Legit Security, a cyber security company with an enterprise platform to secure an organization’s software supply chain, today announced that it discovered software supply chain attack...

  • venturebeat
    news

    In the second half of 2022, key leaders emerge across diverse industries

    September 14, 2022

    Legit Security launched out of stealth in February 2022 with a cyber security solution to secure software supply chains used by organizations to build and release software applications. As cyber attacks to the software supply chain are projected to increase...

  • CisionPrNewswire
    news

    Cloud Native Computing Foundation Continues Significant Membership Growth, Highlighting Ubiquity of Cloud Native Tech

    September 13, 2022

    The fact that we are still seeing so many new organizations of all sizes, industries, and geographies joining CNCF is a testament that cloud-native...

  • TheRegister
    news

    Merge Requests and Insecure GitHub Workflows May Lead to Software Supply-Chain Attacks

    September 1, 2022

    Security researchers at Legit Security identified software supply chain vulnerabilities in the GitHub automated workflows used by Google Firebase and Apache Camel.

  • DarkReading
    news

    Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

    September 1, 2022

    Security vulnerabilities discovered by Legit Security in very popular open source projects from Apache and Google could be used to modify source code, steal secrets, and move laterally inside an organization.

  • SCMedia
    news

    Attack Vulnerability Announced Two Days After Google's Vulnerability Rewards Program Launch

    September 1, 2022

    Just two days after Google announced the Open Source Software Vulnerability Rewards Program, Legit Security reported attack vulnerabilities in open-source projects from Google.

  • MarketsInsider
    news

    Legit Security Protects Against Modern Threats to Software Applications and Their Supply Chain

    August 10, 2022

    Business innovation relies on speed and agility to engage customers in new ways through their software applications and digital business models. However, the hard work that businesses invest in...

  • Digital Journal
    news

    Legit Security Brings a Needed Layer of Protection to the SDLC Pipeline

    June 5, 2022

    Cybercrime has appeared more frequently in the news cycle over the past five years. Malicious software and attacks have only grown more sophisticated, and each new development...

  • DevOps
    news

    Researchers Find Privilege Escalation Vulnerabilities in GitHub Repos

    April 5, 2022

    Legit Security today revealed that it discovered a privilege escalation vulnerability in GitHub repositories that has since been remediated. Liav Caspi, Legit Security CTO, said the company worked with GitHub to...

  • Security Week
    news

    Legit Security Raises 30M to Tackle Software Supply Chain Security

    February 14, 2022

    A team of Israeli entrepreneurs with roots in the application security ecosystem is taking a stab at software supply chain security with big backing from Bessemer Venture Partners. The venerable venture capital firm is leading...

  • VentureCapitalJournal
    news

    Legit Security Gather 30M Series A

    February 10, 2022

    Legit Security, a cybersecurity company in the rapidly growing software supply chain security space, has announced $30 million from top tier investors for their Series A funding...

  • SecurityBoulevard
    news

    Securing Your CI/CD Pipeline: Exploring the Dangers of Self-Hosted Agents

    June 9, 2023

    Continuous Integration/Continuous Deployment (CI/CD) pipelines have become crucial to modern software development practices. CI/CD pipelines can significantly improve development efficiency and software quality by automating the process of building, testing, and deploying code.

  • Press Release - Legit Security
    press releases

    GitHub Actions Insecurity: New Research From Legit Security Reveals Most GitHub Actions Susceptible to Exploit

    July 16, 2024

    GitHub has quickly become an essential resource for the developer community by enabling developers to work together on development projects and see each other’s changes in real-time.
