Automate DevSecOps Implementation with Security Plans
Select the Security Plan that works best for you, and implement it into your developer environment with a few clicks.
How Security Plans Deliver Full Coverage in Minutes
Step 1
Connect Jit with your repos
Integrate Jit with GitHub or GitLab to enable one-click activation for security tools. New repos and projects are covered automatically.
Step 2
Choose and adjust your Security Plan
Choose the best Security Plan for your use case. Edit the Plan yourself or get in contact with Jit to adjust your plan as necessary.
Step 3
Activate a Security Plan(s)
Activating a Security Plan automatically scans all connected repos, while implementing continuous scanning as new PRs are created.
“The onboarding to Jit was seamless — all I had to do was give the required permissions, and we immediately had full security coverage.”
Bar Maoist
DevOps Manager at JunoJourney
DevOps Manager at JunoJourney
Security Mapping
Turn on security plans:
Application Security
Cloud security
CI/CD Security
WebApp security
Jit MVS
AWS FTR
OWASP ASVS
See more
Explore Jit’s Security Plans
Security
Maturity Plans
Maturity Plans implement security toolchains with varying levels of security controls depending on your organization’s maturity.
Learn more
Security
Module Plans
Use Case Plans implement security toolchains tailored to specific use cases, like application security or cloud security.
Learn more
Compliance & Standards Plans
Compliance and Standards Plans implement security toolchains tailored to specific compliance and standards requirements.
Learn more
Minimum Viable Security (MVS) Plan
Will include SAST, SCA, Secrets detection, IaC scanning, and GitHub Misconfiguration scanning.
Minimum Viable Security+ Plan
Coming soon! Will include everything in Minimum Viable Security Plan, plus CSPM.
Jit Max Security Plan
Includes SAST, SCA, Secrets detection, IaC scanning, GitHub Misconfiguration scanning, CSPM, container scanning (coming soon!), SBOM, OSS license checking, and DAST.
Start simple, and progress towards wider coverage with Maturity Plans
Start with Minimum Viable Security (MVS) to implement strong initial defense against common vulnerabilities, and work your way to the Advanced Protection Plan if needed.
Application Security Plan
Includes SAST, SCA, Secrets detection, SBOM, and OSS license checking.
CI/CD Security Plan
Secure your CI/CD pipeline with GitHub misconfiguration detection.
AWS Security Plan
Coming soon! Will include Cloud Security Posture Management (CSPM) and IaC scanning to surface cloud misconfigurations.
Web App Security Plan
Leverage DAST to identify and mitigate vulnerabilities for web applications and APIs.
Quickly fill security gaps throughout your SDLC with Use Case Plans
Use Case Plans make it easy to plug holes in your security toolchain. Add any number of Use Case plans to tailor your toolchain to your specific needs.
OWASP ASVS Plan
Includes the DAST and vulnerability management requirements to fulfill OWASP ASVS.
AWS FTR Plan
Includes IaC scanning, CSPM, secrets detection, and vulnerability management requirements for AWS FTR.
SOC2 Plan
Will include the required x capabilities for SOC 2 compliance.
OWASP Top 10 Plan
Will include the security controls needed to surface the most recent OWASP Top 10 vulnerabilities.
CIS Benchmark Plan
Coming soon! Will include the security controls needed to score well for the CIS Benchmark.
Fulfill specific compliance requirements with Compliance & Standards Plans
Tailor your security toolchain to meet specific compliance requirements and standards.