Automate DevSecOps Implementation with Security Plans

Select the Security Plan that works best for you, and implement it into your developer environment with a few clicks.

How Security Plans Deliver Full Coverage in Minutes

Step 1

Connect Jit with your repos

Install the Jit Github app to connect Jit to your desired repos in minutes. New repos are covered by Jit as they’re created.
Step 2

Choose and adjust your Security Plan

Choose the best Security Plan for your use case. Edit the Plan yourself or get in contact with Jit to adjust your plan as necessary.
Step 3

Activate a Security Plan(s)

Activating a Security Plan automatically scans all connected repos, while implementing continuous scanning as new PRs are created.
Bar Maoist
“The onboarding to Jit was seamless — all I had to do was give the required permissions, and we immediately had full security coverage.”
Bar Maoist
DevOps Manager at JunoJourney
Security Mapping
Turn on security plans:
Application Security
Cloud security
CI/CD Security
WebApp security
Jit MVS
AWS FTR
OWASP ASVS
See more

Explore Jit’s Security Plans

Security
Maturity Plans

Maturity Plans implement security toolchains with varying levels of security controls depending on your organization’s maturity.
Learn more

Security
Module Plans

Use Case Plans implement security toolchains tailored to specific use cases, like application security or cloud security.
Learn more

Compliance & Standards Plans

Compliance and Standards Plans implement security toolchains tailored to specific compliance and standards requirements.
Learn more
Minimum Viable Security (MVS) Plan
Will include SAST, SCA, Secrets detection, IaC scanning, and GitHub Misconfiguration scanning.
Minimum Viable Security+ Plan
Coming soon! Will include everything in Minimum Viable Security Plan, plus CSPM.
Jit Max Security Plan
Includes SAST, SCA, Secrets detection, IaC scanning, GitHub Misconfiguration scanning, CSPM, container scanning (coming soon!), SBOM, OSS license checking, and DAST.

Start simple, and progress towards wider coverage with Maturity Plans

Start with Minimum Viable Security (MVS) to implement strong initial defense against common vulnerabilities, and work your way to the Advanced Protection Plan if needed.
Application Security Plan
Includes SAST, SCA, Secrets detection, SBOM, and OSS license checking.
CI/CD Security Plan
Secure your CI/CD pipeline with GitHub misconfiguration detection.
AWS Security Plan
Coming soon! Will include Cloud Security Posture Management (CSPM) and IaC scanning to surface cloud misconfigurations.
Web App Security Plan
Leverage DAST to identify and mitigate vulnerabilities for web applications and APIs.

Quickly fill security gaps throughout your SDLC with Use Case Plans

Use Case Plans make it easy to plug holes in your security toolchain. Add any number of Use Case plans to tailor your toolchain to your specific needs.
OWASP ASVS Plan
Includes the DAST and vulnerability management requirements to fulfill OWASP ASVS.
AWS FTR Plan
Includes IaC scanning, CSPM, secrets detection, and vulnerability management requirements for AWS FTR.
SOC2 Plan
Will include the required x capabilities for SOC 2 compliance.
OWASP Top 10 Plan
Will include the security controls needed to surface the most recent OWASP Top 10 vulnerabilities.
CIS Benchmark Plan
Coming soon! Will include the security controls needed to score well for the CIS Benchmark.

Fulfill specific compliance requirements and standards with Compliance & Standards Plans

Tailor your security toolchain to meet specific compliance requirements and standards.