Legit Security is an Application Security Posture Management (ASPM) platform that provides visibility and security controls across the software development lifecycle. The platform integrates with development environments to:

- Monitor and assess application security risks from code to cloud deployment
- Detect and prevent secrets exposure in code repositories
- Generate Software Bill of Materials (SBOM) for compliance purposes
- Implement security controls for software supply chain
- Manage AI security posture and detect risky AI/LLM usage in development
- Consolidate and prioritize application security vulnerabilities

Key capabilities include:

- Automated discovery and visualization of application security risks
- Integration with existing CI/CD pipelines and development tools
- Policy enforcement and compliance monitoring
- Risk prioritization based on business impact analysis
- Security automation and orchestration features
- Vulnerability correlation and deduplication
- Developer-focused remediation guidance

The platform aims to help organizations:

- Maintain visibility across development environments
- Implement consistent security controls
- Automate compliance validation
- Detect security issues early in development
- Manage application security at scale
SIMILAR TOOLS
Open-source framework for detecting and preventing dependency confusion leakage with a holistic approach and wide technology support.
SAST and malware analysis tool for Android APKs with detailed scan information.
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
An API security and governance platform that provides discovery, security testing, compliance monitoring and lifecycle management capabilities for enterprise API implementations.
Python-based web server framework for setting up fake web servers and services with precise data responses.
A full Python tool for analyzing Android files with various functionalities.
SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through an interactive testing interface.
Cross-site scripting labs for web application security enthusiasts
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.