Legit Security’s Open-Source Security Tool “Legitify” Adds Support for GitLab and GitHub Enterprise Server

TEL AVIV, Israel, Jan. 26, 2023 (GLOBE NEWSWIRE) — Legit Security, a cyber security company with an enterprise platform that protects an organization's software supply chain from attack and ensures secure application delivery, today announced that Legitify, the open–source security tool that it maintains in addition to its enterprise SaaS platform, has expanded support to include GitHub Enterprise Server and GitLab. Now security and software development teams can easily detect and remediate insecure configurations and vulnerabilities in these popular source–code management (SCM) systems in addition to GitHub.com. To download Legitify, please visit the Legit Security website.

Legitify is a source–code management (SCM) misconfiguration scanner that helps Security, DevOps and Development teams manage and enforce SCM configurations in a secure and scalable way. Legitify was developed to provide the open–source community with a security tool to prevent a very common source of software supply chain attacks by detecting and remediating vulnerabilities that originate in SCM misconfigurations.

After Legitify's initial release in 2022, multiple requests were received by Legit Security to expand Legitify's support to additional popular SCM products used by enterprise organizations. GitHub Enterprise Server and GitLab Server are two of the most popular on–premise SCM systems used globally today. Insecure configurations in these SCM systems and others have opened the door to multiple cyberattacks, data breaches, and exploits that have made headline news. Legitify is designed to identify and address insecure SCM configurations in real–time, ensuring that both cloud and on–premise SCM implementations are secure and compliant. Legitify can also be scheduled to run periodically to validate secure configurations continuously.

In addition to broader SCM support, Legitify's latest release also includes other new features including:

  • Dozens of new SCM security policies that have been added, including a new security policy category called "Runner Groups", that can detect misconfigurations in GitHub's runner groups. You can browse all of Legitify's security policies at legitify.dev.
  • A new GitHub action that can be used to run Legitify as part of the organization's CI/CD pipeline, allowing users to gain continuous protection and receive immediate alerts when a new misconfiguration is detected.
  • To enhance the software supply chain security of Legitify's users, every Legitify release now contains a SLSA Level 3 Provenance attestation that can be used to verify the authenticity of the tool.

"We encounter security incidents on a weekly basis with prospective customers that involve pipeline manipulation, code theft and sensitive data exposure "" many of which result from bad SCM configurations," said Liav Caspi, CTO and co–founder of Legit Security. "We see a huge demand for an open–source tool like Legitify to quickly verify the secure configuration of SCM resources. Our mission with Legitify is to provide an extremely useful open–source security tool to complement our more capable and commercially available Legit Security Platform. We plan to have many more exciting capabilities released in Legitify over time."

Legitify's capabilities represent a subset of the broader security capabilities available on the enterprise–grade Legit Security Platform. The Legit Security Platform goes well beyond SCM misconfigurations by securing entire software supply chain environments inclusive of other development assets, build servers, artifact registries, code–to–cloud development pipelines and more. Additional information on the Legit Security Platform can be found on the company's website: https://www.legitsecurity.com.

Legit Security

Legit Security protects an organization's software supply chain from attack and ensures secure application delivery, governance and risk management from code to cloud. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments, and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.


GLOBENEWSWIRE (Distribution ID 8737343)

Cabo Verde Hoists the Blue Flag

In a tourism-dependent economy, sustainable finance will promote sustainable fisheries, maritime transport, and tourism. Credit: UNDP

By Christopher Marc Lilyblad
MINDELO, Cabo Verde, Jan 26 2023 – On 20 January, the world’s best sailors arrived in Mindelo, Cabo Verde, completing the initial leg of the 2023 edition of The Ocean Race. Coinciding with this stop was the launch of Cabo Verde’s first blue bond at the Ocean Summit, an event jointly organized by The Ocean Race and the Government of Cabo Verde on the sidelines of the grueling round-the-world race. United Nations Secretary-General Antonio Guterres was in attendance as this year’s keynote speaker.

The bond was launched on Cabo Verde’s Blu-X sustainable finance platform, a regional platform for listing and trading sustainable and inclusive financial instruments.

The issuance will raise domestic, regional, and global investment in Cabo Verde’s rising ocean economy while divesting capital from industries responsible for sea-level rise, pollution, and other transgressions against ocean rights.

In brief, the winds of sustainable finance are filling the sails of a local blue economy heeling towards global Ocean Rights.

Consistent with its blue seal, up to US$1 million in proceeds (minimum US$500,000) will supply affordable loans to microentrepreneurs and startups in coastal communities, emphasizing financial inclusion to ensure widespread access to the new value generated from the growing blue economy.

The remaining US$1.5 million foresees structural investments in small and medium-sized enterprises operating in the maritime and fisheries sectors.

Notably, this is the first initial public offering, or IPO, listed on the Blu-X sustainable finance platform. This means anyone, anywhere with access to the digital Blu-X platform can invest via their computer or phone, including foreign investors and members of Cabo Verde’s sizable diaspora.

Furthermore, this marks the first private issuance that does not rely on a public guarantee but is solely backed by market demand. With a ‘greenshoe’ (or ‘blue aquasocks’, rather?) option of an additional US$ 1 million triggered if demand for bond subscriptions exceeds the initial US$2.5 million, the blue bond could ultimately generate US$3.5 million in private and market-driven finance for a sustainable blue economy.

In a race against time during the UN’s Ocean Decade, this initial blue bond listing offers a potentially game-changing test case for Cabo Verde’s blue finance ambitions.

The strategic partnership between the Cabo Verde Stock Exchange (Bolsa de Valores de Cabo Verde – BVC) and UNDP under Cabo Verde’s integrated national financing framework (INFF) has already led to four sustainable bond issuances totaling USD32.5 million.

Building on this momentum, the blue bond’s proceeds are exclusively destined for sustainable marine- and ocean-based projects generating returns for the economy, society, and environment – the triple bottom line.

With funding from the UN’s Joint SDG Fund and UNDP’s strategic and technical support, the Blu-X team at the BVC guided the Cabo-Verdean International Investment Bank through the process of issuing the bond framework, following an external review process that ensures adherence to blue principles.

What actually ‘counts as’ blue has recently been established through a new blue bond regulation in November 2022, enacted under the authority of Cabo Verde’s capital market regulatory agency.

The regulation draws on the Atlantic Technical University’s blue taxonomy, derived from a scientific study of existing blue economy activities and the potential of Cabo Verde’s shores.

The first of its kind in Africa, the regulation reflects the country’s pioneering role in defining blue finance norms, standards, and principles, which closely aligns with the Ocean Race’s Sustainability Charter and corresponding calls for a Universal Declaration of Ocean Rights anchored at the United Nations.

By hoisting the blue flag, Cabo Verde is again signaling its emergence as a global front-runner. Indeed, since the first blue bond issuance by Seychelles in 2018, these financial instruments have mostly been treated as a subsidiary category of green bonds in financial markets. However, what was once seen as a ‘shade of green’ is now emerging as a primary colour of its own.

Building on this initial proof of concept, the proliferation of blue bonds has the potential to transform financing for Cabo Verde’s strategic sustainable development agenda: Ambition 2030.

In a tourism-dependent economy vulnerable to external shocks, the growth of sustainable finance and the blue economy will accelerate socio-economic decentralization and sectorial diversification, from fisheries and maritime transport to nautical sports and ocean-based technology.

As a small island developing state that is “99 percent ocean,” this stands to benefit the local communities that depend on marine environments and maritime spaces for their livelihoods.

Blue economy impact investing poignantly illustrates why marine environments and biodiversity should be preserved not only as ends in themselves but also as catalysts for value creation.

As more and more people subscribe to the idea that protecting ocean resources is vital for maintaining and growing economies, we will see an upsurge in innovative businesses, initiatives and transactions that advance marine conservation.

The growth of blue entrepreneurship and investment paves the way for greater collaboration spurring collective action capable of avoiding a tragedy of the ocean commons.

In other words, by reshaping economic incentive structures along these lines and leveraging their effects in local coastal communities, sustainable finance enhances cognizance of global ocean sustainability principles and incentivizes corresponding human action.

The Ocean Race Cabo Verde presented by Blu-X marks a growing interest in Cabo Verde’s emerging blue standard. Inspired by these blue finance bearings, perhaps others will soon chart a similar course, with the prospect of collectively raising an entire fleet racing towards the UN Ocean Decade finish.

Christopher Marc Lilyblad is Head of Strategy and Policy Unit, a.i. UNDP Cabo Verde; Development Economist & Head of Strategy and Economic Cluster, a.i. UNDP Guinea-Bissau

Source: UNDP

IPS UN Bureau

 


!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?’http’:’https’;if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+’://platform.twitter.com/widgets.js’;fjs.parentNode.insertBefore(js,fjs);}}(document, ‘script’, ‘twitter-wjs’);