Legit Security Launches Advanced Code Change Management & Protection to Deepen AppSec Visibility & Remediation

New features provide AppSec, development teams with increased visibility, automated security reviews


BOSTON, Massachusetts, July 16, 2025 – Legit Security, a global leader in AI-native application security posture management (ASPM), today announced enhanced capabilities for significant code change and workflow orchestration within its platform. These capabilities provide greater insight into changes in code, configuration, or infrastructure that can impact an application's security or compliance posture. With visibility into where everyday code changes are occurring and the appropriate workflows to resolve them, AppSec and development teams can overcome the challenges of disconnected tool sprawl, duplicate alerts, remediation without context, and hidden or unnoticed code.

Detecting, documenting, and addressing code changes is a security requirement due to high-impact, high-volume changes taking place within code, pipelines, dependencies, and policies. However, this requirement is often hampered by a lack of visibility due to the use of multiple tools and no consolidated view of the software development life cycle (SDLC). These roadblocks cause delays in reviewing, analyzing and actioning significant code change requests. In addition, without the right context, teams may needlessly act on code changes that don’t have a significant security impact or ignore those that do.  

“As DevOps teams build and scale projects with open-source code and proprietary libraries, strong security requires deep detection and analysis of the current environment and significant code changes, as well as clear workflows that ensure issues are remediated,” says Liav Caspi, co-founder and CTO at Legit. “With this update, customers will get insights on numerous change types to determine what should be fixed and then take action against the code changes that require the most attention. This clarity helps developers focus on actual risks to the organization while reducing any development lag.” 

Legit’s significant code change and advanced workflow features enhance context within ASPM by adding detailed change detection information, including change type, security impact level, commit ID/data, committer, review status, assignee, source, tags, repository, entity, and action type. Contextual, granular workflows enforce the organization’s security policy across the SDLC, and teams can block changes based on lack of guardrails, low Legit Score, material change, business impact, or deployment environment.

For more details on how Legit Security is streamlining AppSec and DevSecOps workflows, visit www.legitsecurity.com. 

 

About Legit Security

The Legit Security ASPM platform is a new way to manage application security in a world of AI-first development, providing a cleaner way to manage and scale AppSec and address risks. Fast to implement, easy to use, and AI-native, Legit has an unmatched ability to discover and visualize the entire software factory attack surface, including a prioritized view of AppSec data from siloed scanning tools. As a result, organizations have the visibility, context, and automation they need to quickly find, fix, and prevent the application risk that matters most. Spend less time chasing low-risk findings, more time innovating.

 

Media Contact for Legit Security:

PANBlast for Legit Security

legitsecurity@panblastpr.com



Published on
July 16, 2025
