Legit Security Reviews

Name: Legit Security
Brand: Legit Security
Rating: 5 (4 reviews)

5.0 out of 5

4 reviews
100% willing to recommend

What is Legit Security?UNIXBusinessApplication
Price:

Legit Security provides application security posture management platform that secures application delivery from code to cloud and protects an organization's software supply chain from attack. The platform’s unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Get the Legit Security Buyer's Guide and find out what your peers are saying about Legit Security, Snyk, Docker and more!

Legit Security is the #2 ranked solution in top Application Security Posture Management (ASPM) solutions and #5 ranked solution in top Software Supply Chain Security solutions. PeerSpot users give Legit Security an average rating of 10.0 out of 10. Legit Security is most commonly compared to Snyk: Legit Security vs Snyk. Legit Security is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 23% of all views.

Helped 769,599 peers since 2012

Featured reviews

Rob Preta

Head of Cyber Security at ACV Auctions Inc.

Oct 16, 2023

Legit Security enables me to verify things like request checks and the installation of my SaaS. I can also verify that we're not publicly exposing our keys. Those are crucial features. Legit Security's visibility into our software development environment is excellent. The solution correlates information based on the integrations I have, which is extremely helpful. The unified security control panel is top-notch. It has helped us gain insight as the company has grown over the past couple of years. We used to have two different programs that did some of this, but now we're going to discontinue the other application and only use Legit. Centralization is one thing I always preach, and Legit helps us do that. The risk-scoring features are excellent, and their scoring methodology is aligned with mine. It's integrated with Snyk, GitHub, Jenkins, and Wizz. The integration with AppSec applications and tools is excellent. The performance is super-fast, and I haven't had any problems.

Read full review

Tim Crothers

CISO at Mandiant / FireEye

Dec 8, 2023

Legit Security is a product that hyper-focuses on the various aspects of the software development pipeline. For example, if an engineer spins off a new project and stands up a new Git project, Legit automatically detects it, connects Snyk and other tools, and ensures the engineering team doesn't have to think about it. This way, we stay on top of security from the beginning. On the other hand, Legit provides a clear view of the controls around repositories. We have standards requiring code reviews and similar practices, and Legit shows us whether these are being followed. Additionally, Legit helps us identify unmaintained repositories, which often arise when engineering teams try something and leave it behind. This knowledge allows us to determine the appropriate action for these neglected projects. One area where Legit falls short is secret detection. While it functions well overall, the feature has a 10-20 percent false positive rate, requiring some manual intervention. Almost everything else works flawlessly. The true value proposition of Legit lies not in its features but in its ability to support our product security program's focus on creating guardrails instead of toll gates. Unlike traditional programs that require security reviews at specific stages, hindering development flow, we strive to partner with the product engineering team to ship secure code seamlessly within their existing workflows. Legit plays a crucial role in this by automatically notifying us of new projects, eliminating the need for manual communication. This partnership approach, enabled by Legit, allows us to work much closer with our engineering teams than ever before.

Read full review

James-Robinson

Deputy Chief Information Security Officer at Netskope

Oct 19, 2023

The ability to roll up recordings, build dynamic teams, and then map observed controls to those things, has been very helpful. We also use Legit Security for secret management and validation to ensure that secrets are still getting into our codebase, as well as for infrastructure and code scans. These are the three main use cases for which I have been using Legit Security. There are a number of other areas in which it has also helped us, such as pipeline security, which involves the actual infrastructure and pipelines that we use to build and deploy our software. I wanted to make sure that these were secure, and Legit Security helped me with that as well.

Read full review

Legit Security market share

Product category:

As of April 2024, the market share of Legit Security in the Software Supply Chain Security category stands at 18.4%, marking an increase of 50.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Software Supply Chain Security

Key learnings from peers

Valuable Features

"The true value proposition of Legit lies not in its features but in its ability to support our product security program's focus on creating guardrails instead of toll gates."
"We implemented Legit Security to gain visibility into all development teams and ensure that consistent controls are in place and accounted for on every route."
"Legit has increased my security posture to a level I couldn't achieve before. I don't need to worry as much about what's happening within my developer environments. I can rest assured that my vulnerabilities are being detected."

Room for Improvement

"One issue is that engineering teams don't always embed secrets in the same way, making it difficult for the tool to consistently identify them."
"The one we're working on right now is the ability to dynamically rerun development teams and groups."
"Legit Security could do a little better with detecting publicly exposed keys. It's not bad. The detections that they are running get to everything eventually, but it would be great if they could increase some of that awareness."

Pricing

"The pricing is reasonable."

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Legit Security Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews

Computer Software Company

23%

Financial Services Firm

12%

Pharma/Biotech Company

12%

University

10%

Healthcare Company

Retailer

Insurance Company

Hospitality Company

Educational Organization

Performing Arts

Legal Firm

Recreational Facilities/Services Company

Construction Company

Wholesaler/Distributor

Energy/Utilities Company

Manufacturing Company

Media Company

Non Profit

Outsourcing Company

Real Estate/Law Firm

Comms Service Provider

Compare Legit Security with alternative products

Learn more about Legit Security

Legit Security customers

Google, NYSE, Kraft-Hienz, Takeda Pharmaceuticals, and many other large enterprise and Fortune 500 customers. Learn more by going to: https://www.legitsecurity.com/...