BOSTON, April 29, 2025 /PRNewswire/ -- Legit Security, the leader in AI-native Application Security Posture Management (ASPM), today announced new functionalities that leverage AI to help security teams more quickly shore up gaps in their AppSec programs. Specifically, Legit now leverages AI to drive advanced discovery for code-to-cloud correlation, increased precision in issues prioritization and scoring, and AI-assisted remediation. These new capabilities build on Legit's already extensive use of AI to deliver the most effective ASPM solution on the market.

"While AI enables developers to write complete applications in seconds, security has taken a backseat," said Liav Caspi, co-founder and CTO, Legit. "With AI allowing faster development, the code generated is often susceptible to exploitable vulnerabilities, bugs, and security risks. In addition, organizations' understanding of the governance of code and logic they create has dropped dramatically. This has become a pressing issue, with the European Union and United States introducing new compliance requirements to address AI. We are solving this challenge by leveraging AI within our ASPM platform to rapidly find, fix, and prevent vulnerabilities."

Legit's AI-native ASPM platform empowers organizations to identify exploitable vulnerabilities, weaknesses, and misconfigurations and to enforce better application security throughout the entire AppSec lifecycle. Legit leverages AI to get ahead of vulnerability overload and reduce time and costs by preventing issues making their way into software releases.

Legit is the industry's only ASPM platform to utilize AI broadly across the entire lifecycle, from discovery to prioritization and remediation. Additionally, users have full control over when and where these AI capabilities are employed based on their organization's policies and risk tolerance. With these enhancements, organizations can safely accelerate AI development while mitigating risks.

Key AI-powered features and benefits include:

• Discovery for code-to-cloud correlation: Legit extended its existing discovery capabilities with the ability to deliver consolidated code-to-cloud correlation powered by AI, which expands coverage to more development pipelines and greatly increases the accuracy of discovery results. Organizations can minimize their risk by automating detection of malicious models and insecure implementations of AI and gain real-time visibility into how and where AI-developed code is being used across all development environments.
• Prioritization: Legit applies AI to expand the platform's ability to prioritize risk and reduce noise. Legit's risk score is now AI-assisted and has greater accuracy, precision, and explainability. Legit's prioritization features continue to build upon its notable contextual capabilities and enable AI to analyze dozens of risk factors, delivering a contextual risk score that is much more accurate and precise than simple math-based formulae. This also extends Legit's AI-based secrets scanning that uses AI to reduce noise and prioritize real secrets.
• Remediation: Legit's new remediation component offers proactive methods to fix at speed with AI-generated remediation guidance. Integrated into the developer flows like pull-request checks, embedded code suggestions help developers save time on code validation.

ASPM opportunities:
The Legit ASPM platform provides a complete, real-time view of the software factory, including its assets, owners, security controls, vulnerabilities, and how they all relate to improve developer productivity and manage security. By enabling secure, AI-powered development and mitigating AppSec risk, Legit empowers teams with the ability to address multiple use cases as they relate to AI use, including:

• Securing applications that are customer-facing with AI-based enhancements
• Securing fast-moving development teams and using AI to generate and validate secure code so they can build quickly and ship faster
• Securing AI-generated code and apps for development teams

For example, with discovery, Legit's AI-enabled code-to-cloud capabilities provide a vendor-agnostic approach to pull data from multiple scanners. Legit uses AI to then correlate scans and run code analysis so that organizations can quickly identify business risks and provide contextual depth unlike any other platform.

Additionally, through prioritization, security teams can easily deliver deep, contextual insights through the detection of AI false positives, exposed secrets in code, and risk scoring mechanisms, highlighting fixes that are top priority.

Resources:

• Get a demo at Legit's RSAC Booth #S-3131 or visit https://www.legitsecurity.com/events for more information about Legit at the 2025 RSA Conference.
• When AI Writes Code, Empowering Secure Development: Join us at our hosted networking and breakfast panel on April 29th from 7:30-9:30AM PST. The location is near the Moscone Center in San Francisco.
• For further details on the broader Legit platform, visit www.legitsecurity.com.

About Legit Security
The Legit Security ASPM platform is a new way to manage application security in a world of AI-first development, providing a cleaner way to manage and scale AppSec and address risks. Fast to implement, easy to use, and AI-native, Legit has an unmatched ability to discover and visualize the entire software factory attack surface, including a prioritized view of AppSec data from siloed scanning tools. As a result, organizations have the visibility, context, and automation they need to quickly find, fix, and prevent the application risk that matters most. Spend less time chasing low-risk findings, more time innovating.

Media Contact:
Michelle Kearney
Hi-Touch PR
443-857-9468
kearney@hi-touchpr.com