Legit Security, a cybersecurity company that develops a platform to identify and fix app vulnerabilities from code, has raised $40 million in a Series B funding round. The round was led by CRV, with participation from Cyberstarts, Bessemer Venture Partners and TCV. The funding will be used to expand Legit’s sales, marketing and R&D teams, as well as to enhance its product offerings.
Legit Security: A platform to secure the entire app dev environment
Legit Security was founded in 2020 by three former members of the cyber warfare division of the Israel Defense Forces (IDF): Roni Fuchs, Liav Caspi and Lior Barak. The trio had previously worked in cybersecurity at companies like Microsoft and Checkmarx, where they realized that traditional app security scanners were insufficient and outdated.
“Traditional scanners are highly technical, lack broader context and provide focus on a very narrow section of overall application risk,” Fuchs, who is also the CEO of Legit, told TechCrunch. “In addition, securing apps requires cooperation between security, engineering and DevOps, which is very challenging to operationalize at scale — and requires new solutions to help bridge the gap.”
Legit Security aims to solve these challenges by providing a platform that can secure the entire app dev environment from code to cloud. Legit integrates with existing app security tools and risk scores their vulnerabilities alongside the native vulnerabilities found by Legit. Legit also scans the dev pipelines, servers and other infrastructure for gaps, leaks and misconfigurations. Moreover, Legit enforces security policies in CI/CD pipelines and monitors the security hygiene of the people who operate within them.
“Code scanning alone is insufficient for app security today. You need to also scan your dev pipelines for gaps and leaks, the infrastructure and systems within those pipelines and the people and their security hygiene as they operate within it,” Fuchs said.
Legit Security: A fast-growing startup with a strong customer base
Legit Security claims that its platform can reduce app security risks by up to 90% and save up to 80% of the time and resources spent on app security. The startup also boasts that it has achieved a 100% customer retention rate since its launch.
Some of Legit’s customers include leading companies in various sectors, such as fintech, e-commerce, gaming, healthcare and education. For example, Legit helps Payoneer, a global payment platform, to secure its apps across multiple regions and teams. Legit also helps Wix, a website builder platform, to automate its app security processes and improve its security posture.
“Legit Security is a game-changer for us. It provides us with a holistic view of our app security risks and helps us prioritize and fix them faster than ever before,” said Nir Valtman, VP of Application Security at Wix.
Legit Security: A vision to modernize app security
With the new funding, Legit Security plans to grow its team from 78 to over 100 by the end of the year. The startup also intends to enhance its product capabilities by adding more integrations, features and analytics.
Fuchs said that Legit’s vision is to modernize app security and bring a broader platform to market that can address the diverse needs of enterprises.
“Today, application security is a diverse industry with dozens of point solutions that have not yet consolidated into broader, more capable platforms,” Fuchs said. “There are enormous opportunities to modernize app security and bring a broader platform to market to address these needs.”
