Security Plans Automate Toolchain Implementation for DevSecOps

Select the Security Plan that works best for you, and implement it into your developer environment with a click.

Security Mapping

Turn on security plans:

Application Security

Cloud security

CI/CD Security

WebApp security

Jit MVS

AWS FTR

OWASP ASVS

How Security Plans Deliver Full Coverage in Minutes

Step 1

Connect Jit with your repos

Install the Jit Github app to connect Jit to your desired repos in minutes. New repos are covered by Jit as they’re created.

Step 2

Choose and adjust your Security Plan

Choose the best Security Plan for your use case. Edit the Plan yourself or get in contact with Jit to adjust your plan as necessary.

Step 3

Activate a Security Plan(s)

Activating a Security Plan automatically scans all connected repos, while implementing continuous scanning as new PRs are created.

Explore Jit’s Security Plans

Implement any number of Security Plans to tailor the security toolchain to your exact requirements.

Security Maturity Plans

Maturity Plans implement security toolchains with varying levels of security controls depending on your organization’s maturity.

Learn more

Security Module Plans

Security Module Plans implement security toolchains tailored to specific use cases, like application security or cloud security.

Learn more

Compliance & Standards Plans

Compliance and Standards Plans implement security toolchains tailored to specific compliance and standards requirements.

Learn more

Start simple, and progress towards wider coverage with Maturity Plans

Start with Minimum Viable Security (MVS) to implement strong initial defense against common vulnerabilities, and work your way to the Max Security Plan if needed.

Minimum Viable Security (MVS) Plan

Will include SAST, SCA, Secrets detection, IaC scanning, and GitHub Misconfiguration scanning.

Minimum Viable Security+ Plan

Coming soon! Will include everything in Minimum Viable Security Plan, plus CSPM.

Jit Max Security Plan

Includes SAST, SCA, Secrets detection, IaC scanning, GitHub Misconfiguration scanning, CSPM, container scanning (coming soon!), SBOM, OSS license checking, and DAST.

Quickly fill security gaps throughout your SDLC with Use Case Plans

Use Case Plans make it easy to plug holes in your security toolchain. Add any number of Use Case plans to tailor your toolchain to your specific needs.

Application Security Plan

Includes SAST, SCA, Secrets detection, SBOM, and OSS license checking.

CI/CD Security Plan

Secure your CI/CD pipeline with GitHub misconfiguration detection.

AWS Security Plan

Coming soon! Will include Cloud Security Posture Management (CSPM) and IaC scanning to surface cloud misconfigurations.

Web App Security Plan

Leverage DAST to identify and mitigate vulnerabilities for web applications and APIs.

Fulfill specific compliance requirements and standards with Compliance & Standards Plans

Tailor your security toolchain to meet specific compliance requirements and standards.

OWASP ASVS Plan

Includes the DAST and vulnerability management requirements to fulfill OWASP ASVS.

AWS FTR Plan

Includes IaC scanning, CSPM, secrets detection, and vulnerability management requirements for AWS FTR.

SOC2 Plan

Will include the required x capabilities for SOC 2 compliance.

OWASP Top 10 Plan

Will include the security controls needed to surface the most recent OWASP Top 10 vulnerabilities.

CIS Benchmark Plan

Coming soon! Will include the security controls needed to score well for the CIS Benchmark.

The onboarding to Jit was seamless––all I had to do was give the required permissions, and we immediately had full security coverage. It was the easiest system I have onboarded to.

Bar Maoist
DevOps Lead