Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, today announced enhancements to its secrets scanning product. Available as either a stand-alone product or as part of a broader ASPM platform, Legit released a new secrets dashboard for an integrated view of all findings and recovery actions taken to remediate secrets. In addition, Legit released new discovery and remediation capabilities for secrets found within developers’ personal GitHub repositories.
Secrets – from API keys and tokens to credentials and PII – play a vital role in application development. However, the high value of secrets makes them a prime target for attackers and creates risk across the organization, from security operations to cloud and platform engineering. Legit’s new capabilities greatly improve the ability to mitigate risk and reduce the attack surface associated with secrets.
The explosive growth in non-human identities (NHIs), which need credentials to manage authentication and authorization, has increased the prevalence of secrets. While security teams typically focus on secrets in source code, they are increasingly emerging in ticket systems, artifact registries, and other systems, such as Confluence, Jira, and Slack. Organizations are challenged with protecting secrets from exposure while enabling developers to build services that rely on them. This challenge is further exacerbated by compliance requirements, such as HIPPA, PCI DSS and GDPR, that direct organizations to secure secrets.
Legits’ enhancements are the latest in the company’s track record of delivering innovative capabilities to secure the modern software factory. With the earlier release of its AI-powered capabilities to detect and protect secrets across the software development pipeline, Legit was the first to apply AI/ML to significantly reduce noise associated with secrets scanning.
Legit’s new secrets dashboard gives teams:
- Centralized visualization: Provides the most complete view of all secrets detection and prevention activities across the enterprise to prioritize remediation and ensure guardrails are in place.
- Secrets analytics: Prioritizes secrets remediation based on factors such as severity, source, repo/product, and user.
- Secrets prevention: Provides insights into potential new secrets that have been prevented based on an organization’s policies and established guardrails
,
- Secrets growth and remediation trends: Insights into new secrets, issues resolution, and backlog trends, so that organizations can measure the effectiveness of AppSec programs in preventing and remediating secrets.
Legit’s new ability to discover secrets in personal GitHub repositories gives teams:
- Secrets discovery: Identifies and monitors secrets within a developer’s personal GitHub and the organization’s account, ensuring that developers do not expose secrets.
- Personal repository discovery: Identifies and builds an inventory of all personal repositories owned by an organization’s developers for a comprehensive list of assets used by developers.
- Consolidated triage and remediation: Integrates findings from business and personal accounts into the Legit platform to provide a single view of the risk associated with secrets, regardless of where they reside.
With Legit’s new and enhanced capabilities, organizations gain critical insights into the enterprise’s secrets posture to understand risk and remediation trends over time. They are also provided with the broadest coverage to strengthen their security posture and protect their development environment from end to end.
Legit offers a free trial of its secrets detection and prevention solution. To register, visit https://info.legitsecurity.com/secrets-detection-and-prevention-free-trial.
Like this:
Like Loading...
Related
This entry was posted on December 19, 2024 at 9:00 am and is filed under Commentary with tags Legit Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Legit Security Enhances Secrets Detection & Prevention with a Single, Integrated View of All Secrets Findings and Recovery Actions Across the SDLC
Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, today announced enhancements to its secrets scanning product. Available as either a stand-alone product or as part of a broader ASPM platform, Legit released a new secrets dashboard for an integrated view of all findings and recovery actions taken to remediate secrets. In addition, Legit released new discovery and remediation capabilities for secrets found within developers’ personal GitHub repositories.
Secrets – from API keys and tokens to credentials and PII – play a vital role in application development. However, the high value of secrets makes them a prime target for attackers and creates risk across the organization, from security operations to cloud and platform engineering. Legit’s new capabilities greatly improve the ability to mitigate risk and reduce the attack surface associated with secrets.
The explosive growth in non-human identities (NHIs), which need credentials to manage authentication and authorization, has increased the prevalence of secrets. While security teams typically focus on secrets in source code, they are increasingly emerging in ticket systems, artifact registries, and other systems, such as Confluence, Jira, and Slack. Organizations are challenged with protecting secrets from exposure while enabling developers to build services that rely on them. This challenge is further exacerbated by compliance requirements, such as HIPPA, PCI DSS and GDPR, that direct organizations to secure secrets.
Legits’ enhancements are the latest in the company’s track record of delivering innovative capabilities to secure the modern software factory. With the earlier release of its AI-powered capabilities to detect and protect secrets across the software development pipeline, Legit was the first to apply AI/ML to significantly reduce noise associated with secrets scanning.
Legit’s new secrets dashboard gives teams:
,Legit’s new ability to discover secrets in personal GitHub repositories gives teams:
With Legit’s new and enhanced capabilities, organizations gain critical insights into the enterprise’s secrets posture to understand risk and remediation trends over time. They are also provided with the broadest coverage to strengthen their security posture and protect their development environment from end to end.
Legit offers a free trial of its secrets detection and prevention solution. To register, visit https://info.legitsecurity.com/secrets-detection-and-prevention-free-trial.
Share this:
Like this:
Related
This entry was posted on December 19, 2024 at 9:00 am and is filed under Commentary with tags Legit Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.