Today, I’m thrilled to announce Jit’s full support for GitLab, which will significantly expand our ability to execute our mission to empower every developer to secure everything they code. This new integration will provide all of the same benefits that we’ve been delivering to our customers on GitHub for years, including: If you’re on GitLab, check out the guidelines below to quickly realize these benefits.

AWS-Vault is an excellent open-source tool by 99Designs that enables developers to store AWS credentials in their machine keystore securely. After using it for a while at Jit, I decided to dig deeper into how it works and learned a lot along the way. In this article, I will summarize and simplify the information I learned to help others with their aws-vault adoption and lower the barrier to usage.

In programming, the term idempotence may sound like a complex and arcane concept reserved for mathematical discussions or computer science lectures. However, its relevance stretches far beyond academia. Idempotence, also called idempotency, is a fundamental principle that is pivotal in ensuring software systems’ predictability, reliability, and consistency.

Let’s be honest: some software development changes are bound to fail. The increasing reliance on software systems means that the frequency and complexity of changes are constantly increasing. While you can’t always have pitch-perfect processes, you can bounce back quickly- and, thankfully, there’s a way to measure that. Change Failure Rate (CFR) is one of the four key metrics of DORA Metrics.

Let’s keep it real: security compliance often makes your DevOps team feel strained. This burden spans multiple security sub-domains, such as information, network, and endpoint security, and specific security configurations, such as Identity and Access Management (IAM). Restraining budgets and ambitious expansion plans make it even more tempting to brush security under the rug until it becomes a challenge too big to ignore.

Logging was once just a best practice to help you understand what's happening inside your applications. Now, any security expert worth their salt will tell you that you can’t build a security plan without it. As a result, organizations have turned to specialized logging tools like Log4J to strengthen their application security. This move has proven highly effective, with cyberattack risks on businesses dropping from 44% in 2022 to 34% in 2023.