Invicti Security Integration

Overview

The Jit-Invicti Security integration empowers you to strengthen your application security by seamlessly importing Invicti's DAST findings into your security workflows.

By combining Invicti Security's comprehensive dynamic application security testing with Jit's security automation, you can prioritize vulnerabilities based on real-time risk context and ensure your most critical web applications remain protected.

Integration Capabilities

Once integrated, you get:

Comprehensive DAST Visibility: Import Invicti Security's findings from your web applications directly into Jit
Risk-Based Prioritization: Leverage Invicti's risk scoring to prioritize security issues based on their actual impact
Streamlined Security Workflows: Address web application security issues alongside your other security findings in one unified platform
Context Enrichment: Enrich Jit's context graph with Invicti Security's findings for better issue prioritization

Integration Setup

Prerequisites

An active Invicti Security account
The necessary permissions to create API keys in Invicti
A Jit account with administrative privileges

Quickstart

In Jit's web app, navigate to the Integrations page

Find the "Invicti" card and click "Connect"
You will be prompted to provide:
- Your Invicti Security User ID
- Your Invicti Security API Token
To generate the required credentials in Invicti Security:
- Navigate to the API Settings page
- Create a new API Token
After submitting your credentials, the integration will be complete. Jit will start pulling findings from Invicti periodically and enriching its context graph with this data.

Troubleshooting

If you encounter issues with the integration:

Verify your API key has the correct permissions in Invicti Security
Check your network configuration to ensure Jit can reach the Invicti Security API endpoints
Verify that DAST scans are configured and running in your Invicti account
Contact Jit support if issues persist