Legit Security raises $40 million to address AI’s threats to applications

Legit Security has successfully closed a $40 million venture capital round investment led by CRV with participation from existing investors Cyberstarts, Bessemer Venture Partners, and TCV.

Legit Security’s ASPM platform continuously reduces application risk through discovery, analysis, correlation, and remediation of application vulnerabilities from code development all the way to cloud deployment.

The platform provides real-time visibility and security control across changing development environments and provides a unified application security control plane that consolidates vulnerabilities from different sources, enforces security policies, and prioritizes risk to help focus on what’s most important.

Security teams uses the platform to identify security gaps in real-time and leverage unparalleled context to streamline developer collaboration and remediation, enabling application security to be more efficient, effective and productive.

Gartner predicts that by 2026, more than 40% of organizations creating custom applications will embrace ASPM. Gartner also recommends that organizations with diverse development teams and a wide assortment of security tooling should prioritize ASPM and describes it as a “transformational” technology that will drive major shifts in the application security industry.

Legit Security’s rapid customer growth includes a roster of prominent enterprise brands such as Google, NYSE, Kraft Heinz and Takeda Pharmaceuticals. Additional Fortune 500 customers include some of the largest enterprises in the world that are Top 5 global leaders in their respective industries including insurance, banking, consumer products, and cybersecurity.

Further contributing to this growth, Legit’s platform deployments across all customers have nearly doubled in size within the first year of implementation.

“We were highly impressed with the Legit Security team and amazed by the breadth and depth of their Fortune 500 customers in such a short time,’ said James Green, General Partner, CRV. “We fully expect the Application Security Posture Management (ASPM) category to forever change the established Application Security market. What Wiz did for Cloud Security Posture Management, we think Legit can do for ASPM. We couldn’t be happier to invest in the best company in the space to disrupt that market.”

“Cyberstarts is excited to continue backing the talented, hard-working team at Legit Security as they continue to lead a significant and rapidly growing category called Application Security Posture Management,” said Gili Raanan, Founder, Cyberstarts. “Since the beginning, Legit has listened closely to their enterprise customers and developed an easy-to-operate, market leading platform that has demonstrated strong product-market fit. Legit has the team, product and market opportunity aligned, and it’s time to further accelerate growth with additional resources.”

The Series B funds will be used to expand Sales, Marketing and R&D, as well as address the emerging threat of AI and LLMs in the development of new applications. Software development teams are increasingly leveraging AI-generated code and embedding LLMs in their applications to accelerate innovation, but these AI technologies are also introducing a rapidly expanding class of new security threats that the company will address with the additional resources.

“We founded Legit Security with the mission to secure the world’s software with a platform that continuously manages application security from code to cloud,” said Roni Fuchs, CEO of Legit Security. “We are honored to work closely with our customers to solve these challenges, and their insights have pushed us to develop a holistic approach to modern application security that brings security and development closer together for greater speed, efficiency and collaboration. With this investment our mission gains additional traction and speed, including new capabilities to extend visibility, security and governance to AI-generated code and embedded Large Language Models (LLMs) in applications.”