Legit Security, a cyber security business with an enterprise SaaS platform to protect an organization’s software supply chain, has launched a free Rapid Risk Assessment to help organizations actively reduce the risk of debilitating software supply chain cyberattacks. The free risk assessment gives businesses rapid visibility into vulnerabilities in their software supply chain, as well as suggestions on where to best invest security resources and technologies to prevent future attacks.
Software supply chain threats target an organization’s internal software development supply chain, introducing vulnerabilities and backdoors into the software. These are subsequently passed on to unwitting customers, exposing them to a powerful and dangerous multiplier effect. According to information from several government, business, and security vendor sources, software supply chain threats have increased year over year.
The Rapid Risk Assessment is a free service that employs Legit Security’s SaaS-based security platform to perform automated discovery and analysis of an organization’s software supply chain environment to find vulnerabilities, misconfigurations, and security events. Risk assessments can be set up in minutes using an agentless connection, and they are non-invasive, requiring no changes to development tools or workflows. Depending on the scale of the environment, typical assessments might take anything from a few minutes to two hours to complete. This automated scan looks for weaknesses and breaches in software delivery pipelines, and it examines the security posture of the systems and infrastructure deployed within those pipelines, as well as the people who work within them and their security hygiene.