Legit Security unveils root cause remediation capabilities to reduce AppSec risk
Legit Security announced new root cause remediation capabilities, allowing teams to address multiple software vulnerabilities with one practical step.
By pinpointing the choke points where remediation actions can address multiple issues at once, security teams accelerate risk reduction and reduce the burden on developers.
“Our newest capabilities expand our customers’ ability to execute the most rapid and efficient remediation process for business-critical vulnerabilities,” said Lior Barak, Legit Security’s CPO. “Finding and fixing software vulnerabilities is a challenging process due to a number of factors, such as understanding where the vulnerability originated, who should own it, and the best remediation action to take. This much-needed solution provides key stakeholders the insights they need to fix what matters first and remediate critical risks quickly and efficiently.”
Tackling issues at the choke point: Root cause remediation actions
Security and development teams are often overwhelmed with findings from AppSec testing tools, and lack the context to prioritize them. As a result, they spend countless hours applying fixes, frequently addressing duplicate issues or searching for the best location to make a fix.
With root cause remediation, Legit pinpoints the actions where a single fix can have the most impact by addressing multiple issues simultaneously. Key features and benefits include:
- Remediation impact analysis: Understand the potential impact the next single fix could have on remediating multiple risks
- Remediation prioritization and visualization: Get deep context of the application and vulnerabilities to identify fixes with the highest potential to improve AppSec posture
- Best fix location: Identify the root cause of a risk, and the best location to permanently fix it, including who owns it
- Bulk remediation playbooks: Apply the most effective fixes through out-of-the-box playbooks to support bulk remediation efforts, such as upgrading key dependencies or addressing code vulnerabilities of the same type in the same code file together
In addition to the new root cause remediation capabilities, Legit also announced:
- Service-level agreement (SLA) management that automates remediation workflows, monitors progress, and drives accountability. Legit SLA data can be exported or integrated into third-party GRC systems to support compliance and audit requirements, and into ticketing systems to align with remediation workflows. Trends and metrics are available to help teams understand and report on SLA adherence and gaps.
With Legit’s enhanced capabilities, organizations can bolster their application security posture by knowing what fixes can address multiple issues simultaneously while easing the process of demonstrating compliance.