Gartner notes that “By 2028, 40% of new enterprise production software will be created with vibe coding techniques and tools.” How does security fit into this new reality? How can developers feel confident about the quality and security of vibe coding output if traditional AST no longer plays a role? How can security keep up with the volume, and questionable quality, of code teams are now creating? Get details on how Legit is securing vibe coding. Link in comments. #vibecoding #AI #ASPM #ApplicationSecurity #LegitSecurity
Legit Security
Computer and Network Security
Boston, MA 13,053 followers
Legit is the only ASPM platform purpose-built to secure AI-led application development.
About us
The Legit Security ASPM platform is a new way to manage application security in a world of AI-first development, providing a cleaner way to manage and scale AppSec and address risks. Fast to implement, easy to use, and AI-native, Legit has an unmatched ability to discover and visualize the entire software factory attack surface, including a prioritized view of AppSec data from siloed scanning tools. As a result, organizations have the visibility, context, and automation they need to quickly find, fix, and prevent the application risk that matters most. Spend less time chasing low-risk findings, more time innovating.
- Website: http://www.legitsecurity.com
- Industry: Computer and Network Security
- Company size: 51-200 employees
- Headquarters: Boston, MA
- Type: Privately Held
- Specialties: cybersecurity and application security
Locations
- Primary: Boston, MA, US
Updates
-
In a just-published InfoWorld article, Victor R. 'Bob' Garza highlights “8 vendors bringing AI to devsecops and application security,” including Legit Security. Garza spent time at the recent Black Hat and Def Con tradeshows to understand how AI is affecting software development and security. He notes that “the mood among application security vendors was equal parts optimism and urgency. Across the show floors and presentations, one theme stood out: AI is no longer just a buzzword or a bolt-on feature; it’s becoming the foundation of modern software security.” On the Legit ASPM platform, Garza highlights that “Legit’s root-cause correlation engine is a notable differentiator. Instead of leaving developers with dozens of separate tickets for the same underlying issue, spread across SCA scans, container scans, and runtime findings, Legit consolidates them into a single, fix-once task.” Read full article: https://hubs.li/Q03G3PPP0 #ASPM #vibecoding #AI #ApplicationSecurity
-
🔍 We commonly uncover build assets in organizations’ development environments that they are not currently using, and aren’t aware of. 👀 For example, working with a major manufacturing enterprise, we exposed a rogue Jenkins server in their environment; they weren’t aware it was there, and it was not only exposed to the Internet, but also had risky misconfigurations. ❓Why are there so many unknown assets in build environments today? 🔧 Developers “bringing their own devices” plays a big role. 🔦 We often come across scenarios where development teams are spinning up Jenkins servers, Azure DevOps pipelines, or JFrog artifact repositories, and the security team has no visibility into where or when. 👉 Learn more about the unknown risks we uncover: https://hubs.li/Q03F_ZvC0 #ASPM #ApplicationSecurity
-
⭐10 API Key Security Best Practices⭐ We often find API keys not properly secured in enterprises' development environments. Securing web API keys is critical to protecting API data and functionality. Best practices for securing them include:
1️⃣ Generate strong, unique API keys
2️⃣ Use secure storage solutions
3️⃣ Rotate API keys regularly
4️⃣ Restrict access with granular permissions
5️⃣ Monitor and limit API key usage
6️⃣ Avoid client-side exposure
7️⃣ Implement HTTPS for secure transmission
8️⃣ Conduct regular audits and logging
9️⃣ Disable unused keys
🔟 Educate your team on API key security
Get details in our blog post. Link in comments. 👇 #LegitSecurity #ApplicationSecurity #ASPM
-
🤖 Research for our 2025 State of Application Risk report found that a significant 71 percent of organizations are now using AI models in their source code development processes. ❗At the same time, 46 percent of these organizations are employing AI models in risky ways. 👀 One example: The report reveals that, on average, 17 percent of repositories within organizations have developers using AI tools without proper branch protection or code review processes in place. ☠️ This toxic combination of AI usage and lax security controls creates an environment ripe for introducing vulnerabilities or malicious code into production systems. 👉Another concerning trend we see is the use of low-reputation large language models (LLMs). 🔍The reputation and level of community adoption of third-party AI models serve as critical indicators of their reliability, effectiveness, and safety. 📊 Get more details on our findings and a link to the full report in our blog post on the topic. Link in comments. #LegitSecurity #ASPM #ApplicationSecurity #GenAI
-
Want Legit co-founder Liav Caspi's list of top 10 vibe coding risks? Check out the recording of our "AI-Generated Code and the Next Era of Secure Development" webinar! A few additional key takeaways from last week's session: ✔️AI FOMO is pushing AI-led development before risks are well understood ✔️AI agents are some of the most high-risk developers today ✔️Zero trust code is the game of the day - assume all code was touched by AI and is therefore risky Link to recording in comments! 👇 #AppSec #ApplicationSecurity #cybersecurity #AI #vibecoding
-
What do you need to know about vibe coding? Download the new Gartner® report, “Why Vibe Coding Needs to Be Taken Seriously” to find out. https://hubs.li/Q03DWppw0 #LegitSecurity #ASPM #vibecoding #GenAI
-
Legit Security is looking for new Legiteammates! What makes it special here isn't just the cutting-edge technology in AppSec and ASPM, it's the people. A team of passionate, supportive, and driven colleagues who are all building something big together. Being part of Legit means having the chance to make a real impact: on the product, on our customers, and on the company's growth. And now, we're looking for more great teammates to join us on this journey 📢 We're hiring: ✔️ Sales Engineers ✔️ Account Executives If you have experience in Application Security or ASPM, that's a huge plus, but above all, we're looking for people who want to grow, learn, and be part of a team that's changing the way companies secure their software. Check out the open roles here: https://lnkd.in/es7wKQfV https://lnkd.in/eRUBncq9 If this sounds like you - or someone you know - let's connect! #WeAreHiring #SalesEngineer #AccountExecutive #AppSec #ASPM #LegitSecurity
-
This summer, we surveyed 100 security professionals about their AppSec pains and priorities. Their top application security priorities for the next 12 months? 1. Reducing vulnerabilities in production 2. Improving remediation efficiency and automation 3. Ensuring generative AI is used securely in development Read our new blog post with more survey highlights and a link to the full report. Link in comments. 👇 #ASPM #LegitSecurity #ApplicationSecurity #GenAI
-
📢 Just published ASPM buyer's guide! CSO created this valuable resource to help buyers understand: ✔️ What ASPM entails ✔️ Why you need ASPM ✔️ Questions to ask if considering ASPM ✔️ The ASPM vendors Thanks to CSO Online and David Strom for including Legit Security in this guide. https://lnkd.in/ebtgUp4i #ASPM #ApplicationSecurity #LegitSecurity