In an era of increasing digital threats, cybersecurity remains a paramount concern for businesses worldwide. Enter Legit Security, a pioneering cybersecurity company, which has recently announced on TechCrunch that they’ve secured an impressive $40 million in a Series B funding round led by CRV, with participation from Cyberstarts, Bessemer Venture Partners, and TCV. The funds raised will be instrumental in furthering Legit’s mission to fortify application security and elevate its platform to new heights.
Founded by three cybersecurity experts, Roni Fuchs, Liav Caspi, and Lior Barak, who previously served together in the cyber warfare division of the Israel Defense Forces (IDF), Legit Security brings a unique perspective to the world of application security. After their IDF tenure, the trio gained experience at tech giants like Microsoft and Checkmarx, an app security testing firm. Drawing from their combined government and private-sector experiences, they identified a critical gap in the industry: traditional app security scanners were failing to provide comprehensive risk assessments, resource prioritization, and actionable insights for businesses.
Roni Fuchs, Legit Security’s Co-founder and CEO, explained the shortcomings of traditional security scanners, discussing how traditional scanners are highly technical, they lack broader context and only provide focus on a very narrow section of overall application risk. Moreover, he highlighted the challenges of securing apps, which often require collaboration between security, engineering, and DevOps teams—a daunting task at scale.
In response to these challenges, Legit Security was born in 2020. Initially, the company aimed to secure software supply chains. However, its capabilities have since evolved, now aggregating vulnerabilities from various sources, integrating with traditional app security tools, and scoring vulnerabilities. The platform provides real-time visibility and security control across development environments, offering a unified plane to orchestrate apps.
Legit Security’s claim to fame is its ability to secure the entire app development environment, from code to cloud. This involves enforcing security policies in CI/CD pipelines, servers, and other infrastructure components. It excels in discovering and mapping pre-production dev pipelines, third-party security tools, dependencies, misconfigurations, and vulnerabilities. According to their team, code scanning alone is insufficient for app security today and developers need a unified plane to secure the overall environment, not just myopically on the code alone.
Legit Security doesn’t stop there; it goes a step further by tracing vulnerabilities in production environments back to their source in the pipeline and source code. Additionally, it identifies duplicate and redundant tools, contributing to cost-saving efforts.
Legit Security operates within the emerging category of security tools known as Application Security Posture Management (ASPM), as coined by Gartner earlier this year. ASPM tools help manage app risk by collecting, analyzing, and prioritizing security issues throughout the software lifecycle. The demand for ASPM is on the rise, with Gartner estimating that 40% of security teams will use an ASPM tool by 2026, up from just 5% today.
While Legit Security faces competition in this burgeoning market, CEO Roni Fuchs remains confident in their unique offerings and early-mover advantage. Rivals like Apiiro, Cycode, and ArmorCode may be formidable, but Legit Security’s commitment to innovation sets it apart.
Legit Security has already gained recognition from prominent organizations, including Google, the New York Stock Exchange, Kraft Heinz, and Takeda Pharmaceuticals. While specific revenue figures remain undisclosed, Fuchs revealed that the company sealed a $2.25 million customer deal this year, showcasing its ability to secure substantial contracts.
As the cybersecurity landscape continues to evolve, Legit Security stands as a beacon of innovation and protection, armed with the resources to strengthen its mission further. In an industry marked by constant threats and evolving challenges, Legit Security is poised to make a significant impact, one secured application at a time.