Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re excited to announce Jit’s integration with Semgrep Code, bringing best-of-breed static application security testing (SAST) into Jit’s complete product security platform. This integration makes it easier than ever for security teams to detect, unify, and prioritize code security vulnerabilities alongside other product security risks.

We’re excited to announce our deepening partnership with Google Cloud, marked by two major milestones: Jit has received the “New Customer Acquisition” award from GCP Israel—recognizing our success in helping businesses enhance their cloud security on Google Cloud.

Without the widespread developer adoption of security tools, it's extremely difficult to build secure applications in the cloud. Developers aren’t security experts, which is why development teams will leverage application security tools – like SAST, SCA, IaC Scanning, secrets detection, and other technologies – to scan their code and surface vulnerabilities. These tools are often resisted by developers.

Today, we’re excited to announce Jit’s integration with Orca Security! This partnership enables security teams to correlate cloud security risks with application security risks to understand how the security of one resource impacts another. Security teams today struggle with siloed tools and security insights, as well as inconsistent prioritization methods across tooling.

We did that in a record time of 12 days!! Yes, you read right, TWELVE DAYS! We are thrilled to announce that Jit is now officially listed on the AWS Marketplace. This marks a significant milestone in our journey, as it not only enhances our visibility but also makes it easier for potential customers to find, test, buy, and deploy Jit. Being listed on the AWS Marketplace is a testament to our commitment to providing top-notch services to our customers.

Open source security scanners generate overwhelming volumes of potential security issues that need to be manually investigated to determine their true risk. Open source dependencies introduce a constant stream of CVEs, but not every vulnerability is actually exploitable. Without runtime context, teams waste time chasing issues that pose little to no real risk—slowing down development and diverting focus from true risks.

Checking off application security requirements for SOC 2 compliance is often a burden for everyone involved. Security and GRC teams need to manually upload evidence to SOC2 compliance systems like Drata, while development teams suddenly need to use code security scanners that throw wrenches in the SDLC.

Security teams and developers are drowning in product security alerts. Every security scan generates a flood of issues, and manually reviewing, prioritizing, and assigning each one is time-consuming and inefficient. The result? Critical risks get buried in long backlogs, while developers waste time chasing issues that don’t actually introduce real risk.

Today, Jit and Cyera are thrilled to announce an integration that will help address one of the most pressing challenges in cybersecurity: prioritizing code and cloud vulnerabilities according to the actual risk they introduce. Put simply, this integration will make it easy for security teams to pinpoint vulnerabilities (detected by Jit) that impact the security of your most sensitive data (monitored by Cyera). As a result, security teams.

At Jit, we’re all about empowering developers to build secure software without compromising agility. But as teams scale, enforcing strong governance and compliance practices while enabling flexibility can be tricky. That’s why we’re thrilled to announce Policies, a new feature that lets you customize controls over who can ignore security findings in Jit. With Policies, you can ensure security findings are addressed appropriately based on risk, context, and compliance requirements.