Legit Security raises $40M in funding to enhance app security

Legit Security, a cybersecurity company focused on identifying app vulnerabilities from code, has recently secured $40 million in a Series B funding round. The funding was led by CRV, with participation from Cyberstarts, Bessemer Venture Partners, and TCV. With this round, Legit Security’s total funding now stands at $77 million. The company plans to use the funds to expand its sales, marketing, and R&D teams.

Plans for utilizing the funds

With the newly raised funds, Legit Security aims to fuel its growth and innovation by expanding its sales, marketing, and R&D departments. This expansion will enable the company to scale its operations and offer enhanced app security solutions to its customers.

Expected growth in headcount

Currently, Legit Security has 78 employees. However, with the infusion of funds and the company’s ambitious growth plans, CEO Roni Fuchs expects the headcount to surpass 100 by the end of the year. This increase in team size will be crucial in supporting the company’s expansion efforts and meeting the growing demands of its customer base.

Opportunities in the app security industry

Application security is a diverse industry with numerous point solutions that are yet to be consolidated into broader, more capable platforms. This industry presents significant opportunities for modernization and for the development of consolidated platforms that can effectively address evolving app security needs. Legit Security aims to leverage these opportunities and provide a comprehensive platform to enhance app security.

Background of Legit Security’s founders

Legit Security’s founders, Roni Fuchs, Liav Caspi, and Lior Barak, all served together in the cyber warfare division of the Israel Defense Forces (IDF). After leaving the IDF, they gained valuable experience in the cybersecurity field, working at renowned companies such as Microsoft and Checkmarx, an app security testing firm. Their combined expertise and experience led them to identify the shortcomings of traditional app security scanners and inspired them to create a platform that addresses these challenges.

Challenges with traditional app security scanners

Traditional app security scanners often lack broader context and provide a narrow focus on specific sections of application risk. Additionally, securing apps requires collaboration between various teams, including security, engineering, and DevOps, which can be challenging to operationalize at scale. These limitations make it difficult for businesses to understand risk, prioritize resources, and take effective action to enhance app security.

Introduction of Legit’s platform

Originally designed as a platform to secure software supply chains, Legit evolved into a comprehensive solution that aggregates vulnerabilities from different sources. The platform integrates with traditional app security tools and provides real-time visibility and security control across development environments. It also serves as a unified plane for orchestrating apps, offering seamless security management throughout the application lifecycle.

Capabilities of Legit’s platform

Legit’s platform offers a wide range of capabilities to enhance app security. It secures the entire app development environment, from code to cloud, by enforcing security policies in CI/CD pipelines, servers, and infrastructure. The platform automatically discovers and maps pre-production dev pipelines, as well as third-party security tools, including their dependencies, misconfigurations, and vulnerabilities. It then analyzes these findings automatically, tracing them back to their source code and pipeline. Legit’s platform also identifies duplicate and redundant tools, helping companies streamline their security infrastructure and reduce costs.

Legit’s role in securing the app dev environment

Legit’s platform plays a crucial role in securing the app development environment. By providing real-time visibility and security control, it allows businesses to identify and mitigate vulnerabilities at every stage of the development process. From enforcing security policies in CI/CD pipelines to analyzing dependencies and misconfigurations, Legit ensures that the app development environment remains secure and free from potential threats.

Legit’s position in the emerging category of application security posture management (ASPM) tools

Legit’s platform falls under the emerging category of application security posture management (ASPM) tools. ASPM tools help manage app risk by collecting, analyzing, and prioritizing security issues across the software lifecycle. The demand for ASPM tools is expected to grow significantly, with Gartner estimating that 40% of security teams will have an ASPM tool by 2026, up from just 5% currently. Legit, with its advanced capabilities and early-mover advantage, is well-positioned in this nascent market.

Competition in the ASPM market

While the ASPM market is gaining traction, Legit faces competition from other players in the industry. Apiiro, Cycode, and ArmorCode are some of the closest competitors in this space. However, Legit believes that its platform’s unique differentiators, such as auto-discovery, correlation, and analysis capabilities, set it apart from the competition.

Legit’s customer base and revenue

Legit’s customer base includes reputable companies such as Google, the New York Stock Exchange, Kraft Heinz, and Takeda Pharmaceuticals. Although the specific annual recurring revenue of Legit is undisclosed, the company recently closed a $2.25 million deal with a customer in 2021. In Q2, Legit’s deal sizes averaged around $341,000.

Current state of the cybersecurity startup market

The cybersecurity startup market has experienced some challenges, with mergers and acquisitions in the industry declining. However, the demand for app security tools, such as Legit’s platform, remains strong. The combination of improved security and risk management, productivity, and cost savings offered by ASPM tools like Legit’s has fueled customer interest and increased the market potential.

Differentiating factors of Legit’s platform

Legit’s platform stands out due to its strength in auto-discovery, correlation, and analysis capabilities. By automating the discovery and analysis of vulnerabilities, dependencies, and misconfigurations, Legit streamlines the app security process and provides businesses with actionable insights to enhance their security posture. This differentiation, combined with Legit’s early-mover advantage, positions the company as a leader in the app security industry.

In summary, Legit Security’s recent funding round has enabled the company to further develop its platform and enhance app security. With its comprehensive solution and unique capabilities, Legit is well-positioned to capitalize on the opportunities in the app security industry. Through the expansion of its teams and the continuous innovation of its platform, Legit aims to provide businesses with the tools they need to secure their app development environments and mitigate potential vulnerabilities.