Legit Security Launches Industry-First AI Security Command Center, Expanding Its ASPM Platform to Protect the Modern AI-Native Software Factory

Legit AI Security Command Center provides a dedicated dashboard for application security (AppSec) and product security teams to centrally monitor, triage, and enforce AI security controls throughout fragile, fast-paced development environments.

BOSTON, Massachusetts – August 7, 2024 – Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, proudly announces the launch of the industry’s first AI Security Command Center. This new, dedicated AI security dashboard provides security teams with a unified console to efficiently and proactively gain visibility to AI used in development and defend against cyberattacks exploiting AI-based applications, dramatically mitigating the use of risky AI models in development environments and application code.

“We're excited to unveil Legit AI Security Command Center, a clear sign of our commitment to our rapidly growing customer base and their journey with GenAI," said Roni Fuchs, CEO and Co-Founder of Legit Security. "AI is everywhere now, and developers are adopting it faster than ever to boost their productivity. At Legit Security, we’re all about helping developers move faster while keeping security rock-solid. Adding advanced AI security to our platform was the natural next step. This move really cements our ASPM platform as the go-to choice for any software-driven enterprise.”

In an era where development cycles are accelerating with AI, and attack surfaces continue to grow exponentially, security teams need modern application security tools now more than ever. According to Gartner^®, Inc., “By 2025, 80% of the product development lifecycle will make use of generative AI (GenAI) code generation, with developers acting as validators and orchestrators of back-end and front-end components and integrations.”¹ With the introduction of the Legit AI Security Command Center, security teams are now equipped with the necessary tools to efficiently integrate AI- and LLM-based capabilities in a controlled and secure manner. Now, they can proactively safeguard AI use across the software development lifecycle (SDLC) and prevent the accidental or intentional misuse of malicious and vulnerable machine learning (ML), GenAI, and large language models (LLMs) — all from a single pane of glass.

With the addition of Legit AI Security Command Center, customers gain:

• A dedicated console to manage AI application security posture: Legit AI Security Command Center provides application and product security teams with a powerful, centralized console to operationalize the way they monitor, triage, and report on their AI attack surfaces and prevent the use, or insecure implementation, of risky AI models from compromising their development environments.
• Deep, centralized visibility of AI model inventories and developer communities: Legit continuously searches across a wide array of AI model inventories and developer communities (e.g., Hugging Face) to dynamically inventory and assess the risk of actively used AI models. Applying the rich, full-stack context of the SDLC, Legit automatically flags and enforces AI security policies whenever new risky AI models appear in the development environment.
• Enhanced AI risk correlation and prioritization engine: Legit continues to refine and improve its AI security detection capabilities, regularly incorporating new risk attributes and scoring components to better surface, prioritize, and triage malicious and vulnerable AI, ML, and LLMs based on severity and risk impact.
• ASPM extended to AI security posture management (AI-SPM): Security teams effortlessly drive best-practice DevSecOps with Legit AI Security Command Center by adapting existing ASPM operational workflows, assignments, and governance and control frameworks to more efficiently and consistently address AI security issues across all AI-generated code and AI code assistants (e.g., GitHub Copilot) in use across the SDLC.
  
  

“AI in application development is a given now. The pace of innovation with AI is faster than security can handle, and organizations need to catch up fast,” commented Liav Caspi, CTO and Co-Founder of Legit Security. “Our advanced capabilities provide a novel, proactive approach to AI security throughout the SDLC, ensuring our customers can build and deploy secure code without delay or impacting delivery SLAs.”

Legit Security also announced today that it is joining the Coalition for Secure AI (CoSAI), a new, independent industry forum founded by Google dedicated to advancing robust and comprehensive AI security measures in software development and throughout the software supply chain.

Additional resources:

• Learn why Legit joined CoSAI as a sponsoring member.
• Check out new Legit Security research about The State of GitHub Actions Security.
• Join us at Black Hat 2024 in Las Vegas at Booth #3141.
• To learn more about Legit Security and its market-leading ASPM platform, visit www.legitsecurity.com.

Gartner Disclaimer

¹ Gartner, Emerging Tech: Generative AI Code Assistants Are Becoming Essential to Developer Experience, 11 May 2023.  

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

About Legit Security

Legit is a new way to manage your application security posture for security, product, and compliance teams. With Legit, enterprises get a cleaner, easier way to manage and scale application security and address risks from code to cloud. Built for the modern SDLC, Legit tackles the most challenging problems facing security teams, including GenAI usage, proliferation of secrets, and an uncontrolled dev environment. Fast to implement and easy to use, Legit lets security teams protect their software factory from end to end, gives developers guardrails that let them do their best work safely, and delivers metrics that prove the security program's success. This new approach means teams can control risk across the business – and prove it.

Media Contact:
Michelle Yusupov
Hi-Touch PR
443-857-9468
yusupov@hi-touchpr.com