Legit Security and Wiz Partner to Deliver Comprehensive Security and Visibility from Code to Cloud

Technology Partnership Enables Mutual Customers to Reduce Cloud Risk and Gain Full Visibility of Entire Software Development Pipeline.

BOSTON, April 23, 2024 -- Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced its partnership with Wiz, the industry's leading cloud security provider. Through this partnership, customers can seamlessly integrate Wiz's cloud security platform into their existing workflows within a Legit-powered AppSec program. For customers, this integration enables a single pane of glass to application risk from code to cloud, correlation of cloud risk to its code source for faster remediation, and cloud context to better prioritize and fix vulnerabilities.

To support this partnership, Legit joined the Wiz Integrations (WIN) program. WIN enables Wiz and Legit to share prioritized security findings with context, including inventory, vulnerabilities, issues, and configuration findings. The combined value of these two offerings will streamline security for organizations on a cloud journey, regardless of how far along they may be.

Legit's platform enables security leaders, including CISOs, product security leaders, and security architects, to gain comprehensive visibility into risks across the development pipeline from the infrastructure to the application layer. With a crystal-clear view of the development lifecycle, customers ensure the code deployed is secure and compliant. 

Benefits to customers integrating Wiz into their Legit AppSec program include:

  • Shift left remediation: correlate code to cloud: Legit's complete visibility and code to cloud technology across the development environment enables customers to correlate and prioritize vulnerabilities, reaching runtime effectively. Legit can find all application risks, such as static analysis issues or misconfigured CI/CD pipelines that reach a critical runtime environment protected by Wiz.
  • Discover shadow assets: Once integrated with Wiz, Legit's pipeline discovery combined with Wiz's runtime inventory can detect more shadow assets, like artifact registries, that can be further integrated for complete posture management.
  • Central management of runtime and cloud vulnerabilities: Customers can monitor and manage all vulnerabilities discovered throughout the SDLC in a single pane of glass with the Legit platform. Legit's SDLC context enriches findings with crucial information, such as source code and owner, that makes remediation faster, ensures a more robust DevSecOps pipeline and stops issues at the source.
  • Contextual prioritization of risk: Combining Wiz and Legit enables mutual customers to monitor and manage their security posture from code to cloud effectively. Through this integration, mutual customers can identify risks across cloud, code, and CI/CD pipelines and have the context necessary to fix risks faster.

"We are thrilled to announce our partnership with Wiz," said Liav Caspi, Co-Founder and CTO at Legit Security. "This integration provides our joint enterprise customers with best-in-class ASPM to better protect applications through 'secure-by-design.' The result is the ability to both release secure applications and protect these assets at cloud runtime. We look forward to working with Wiz to provide these enhanced security capabilities to our customers."

WIN enables a cloud security operating model where security and cloud teams work collaboratively to understand and control risks across their CI/CD pipeline. Wiz is setting the industry standard in integrated solution strategy to maximize the operational capabilities of organizations with partners like Legit Security in WIN.


About Legit Security

Legit is a new way to manage your application security posture for security, product, and compliance teams. With Legit, enterprises get a cleaner, easier way to manage and scale application security and address risks from code to cloud. Built for the modern SDLC, Legit tackles the most challenging problems facing security teams, including GenAI usage, proliferation of secrets, and an uncontrolled dev environment. Fast to implement and easy to use, Legit lets security teams protect their software factory from end to end, gives developers guardrails that let them do their best work safely, and delivers metrics that prove the security program's success. This new approach means teams can control risk across the business – and prove it. Request a demo today!

Share this guide

Published on
April 23, 2024

Book a 30 minute demo including the option to analyze your own software supply chain, if desired.