Legit Security
How does Fluid Attacks' solution compare to Legit Security's? The following
comparison table enables you to discern the performance of both providers across various attributes essential
for meeting your company's cybersecurity needs. To better understand each attribute, read their descriptions in the
dedicated page.
Organization
|
Attribute
|
Essential
|
Advanced
|
Legit Security
|
|
Focus
|
|||
|
Extras
|
None
|
None
|
None
|
|
Headcount
|
|||
|
Headcount
Distribution
|
|||
|
Headcount
Growth
|
|||
|
Headquarters
|
|||
|
Countries
|
Same
|
||
|
Reputation
|
Same
|
||
|
Followers
|
Same
|
||
|
Research firms
|
None
|
None
|
Frost
& Sullivan and IDC
|
|
Founded
|
2001 | ||
|
Funding
|
Bootstrapped
|
Same
|
$73.5M
USD in 3 rounds
from 7 investors
|
|
Acquisitions
|
None
|
None
|
None
|
|
Revenue
|
|||
|
CVE
|
257 CVEs
reported to MITRE, ranked in the top 10
CVE labs
worldwide
|
0 CVEs reported to MITRE
|
|
|
Compliance
|
ISO/IEC 27001 and SOC 2 Type II | ||
|
Bug Bounty
|
No
|
||
|
Visits
|
|||
|
Authority
|
|||
|
Vulnerability
database
|
None
|
||
|
Content
|
Same
|
||
|
Knowledge
base
|
13 KB sections
|
No
|
|
|
Community
|
No
|
||
|
Sync
training
|
No
|
No
|
No
|
|
Async
training
|
3 product
use courses, all free
|
No
|
|
|
Distribution
|
Same
|
||
| Marketplaces | AWS | ||
|
Freemium
|
No
|
No
|
No
|
|
Free trial
|
|||
|
Demo
|
|||
|
Open Demo
|
No
|
No
|
No
|
|
Pricing
|
|||
|
Pricing tiers
|
1 plan
|
1 plan
|
1 plan
|
|
Minimum
commit
|
|||
|
Minimum payment
period
|
Annually | ||
|
Minimum
capabilities
|
|||
|
Minimum
scope
|
1 group
|
1 author
|
100 users
|
|
Pricing
drivers
|
|||
|
Minimum monthly
payment
|
Service
|
Attribute
|
Essential
|
Advanced
|
Legit Security
|
|
PTaaS
|
No
|
No
|
|
|
Reverse engineering
|
No
|
Yes | No |
|
Secure code review
|
No
|
No
|
|
|
Pivoting
|
No
|
No
|
|
|
Exploitation
|
No
|
No
|
|
|
Manual
reattacks
|
Not applicable
|
Not applicable
|
|
|
Zero-day
vulnerabilities
|
None
|
Continuous zero-day vulnerability
research
|
|
|
SLA
|
Availability | ||
|
Min
availability
|
>=99.95% per minute LTM
|
>=99.5% per
year
|
|
|
After-sale
guarantees
|
No
|
Yes
|
No
|
|
Accreditations
|
None
|
||
|
Hacker certifications
|
Not applicable
|
Not applicable
|
|
|
Type of contract
|
Employee
|
Same
|
|
|
Endpoint
control
|
Not applicable
|
Total
|
Not applicable
|
|
Channel
control
|
Not applicable
|
Total
|
Not applicable
|
|
Standards
|
Some requirements
from 65 standards, 13 in
common and 52 additional
|
All requirements from
the same standards
|
|
|
Detection method
|
Automated
tools and AI
|
||
|
Remediation
|
5, 3 in
common and 2 additional
|
Same, plus 1
|
3,
all in common
|
|
Outputs
|
5,
2 in common and 3 additional
|
Same,
plus 2
|
2, all in common
|
Product
|
Attribute
|
Essential |
Advanced
|
Legit Security
|
|
ASPM
|
Yes | ||
|
API
|
|||
|
IDE
|
Same, plus 1
functionality
|
No
|
|
|
CLI
|
|||
|
CI/CD
|
|||
|
Vulnerability
sources
|
4 sources
|
No information available
|
|
|
Priority
criteria
|
Same
|
CVSS, EPSS, KEV and Legit Posture
Scope
|
|
|
Custom
prioritization
|
No
|
||
|
Scanner
origin
|
|||
|
SCA
|
Yes.
No information available
|
||
|
AI security
|
No
|
||
|
Reachability
|
12 languages
|
Yes.
No information available
|
|
|
Reachability
type
|
|||
|
SBOM
|
Yes. No
information available
|
||
|
Malware detection
|
Yes
|
Yes
|
No
|
|
Autofix on components
|
No
|
No
|
No
|
|
Containers
|
No
|
||
|
Source
SAST
(languages)
|
12, 2 in common and 10 additional
|
Yes.
No information available
|
|
|
Source SAST
(frameworks)
|
No information available |
||
|
Custom rules
|
No
|
No
|
No
|
|
IaC
|
6,
2 in common and 4 additional
|
3,
2 in
common and 1 additional
|
|
|
Binary SAST
|
1 type
of binary
|
Same, plus 2 types of
binaries
|
No
|
|
DAST
|
No |
||
|
API security
testing
|
No
|
No
|
|
|
IAST
|
No
|
No
|
No
|
|
CSPM
|
Yes |
No
|
|
|
ASM
|
No
|
No
|
No
|
|
Secrets
|
15 secrets
types, 3 in common and 12 additional
|
Same, plus verify other attack
vectors and secrets
exploitability
|
3 secret types,
all in common
|
|
AI
|
3 functions,
2 in common and 1 additional
|
5 functions,
2 in common and 3 additional
|
|
|
MCP
|
|||
|
Open-source
|
Not applicable
|
||
|
Provisioning as Code
|
No
|
||
|
Deployment
|
|||
| Regions | |||
|
Status
|
|||
|
Incidents
|
Integrations
|
Attribute
|
Essential
|
Advanced
|
Legit Security
|
|
SCM
|
6, 4 in common and 2 additional
|
8, 4 in
common and 4 additional
|
|
|
Binary repositories
|
None
|
None
|
|
|
Ticketing
|
3, all in common
|
5, 3 in common and 2 additional |
|
|
ChatOps
|
None |
None
|
|
|
IDE
|
None |
||
|
CI/CD
|
20, 7 in common and 13
additional
|
9, 7 in common and 2
additional
|
|
|
SCA
|
Native and 10 integrations |
||
|
Container
|
|||
|
SAST
|
Native and 11 integrations |
||
|
DAST
|
None |
||
|
IAST
|
None |
None
|
None
|
|
Cloud
|
3, all in
common
|
||
|
CSPM
|
6 | ||
|
Secrets
|
Native and 3 integrations |
||
|
Remediation
|
None
|
None
|
None
|
|
Bug bounty
|
None
|
None
|
None
|
|
Vulnerability management
|
None
|
None
|
None
|
|
Compliance
|
None
|
None
|
References were last checked on Sep 18, 2025.
Free trial
Search for vulnerabilities in your apps for free with Fluid
Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan,
which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.