The plan page displays information about your security plan and enables you to make any necessary changes. This view also enables you to determine which security requirements are running successfully (marked with a green check) and which security requirements are failing (red x). When all security requirements are passing, the plan is 100% complete. Note that a security requirement failing does not indicate that the underlying security tool uncovered a security finding; conversely, it is possible that a passing security requirement may have uncovered a security finding. Plan completeness displays in a widget on the upper left side of the page.
To view the details of a security requirement, select it from the table. For detailed information on specific security requirements, see the security plan reference chapter.
Security Requirement Details
- What will Jit do? Information on how Jit addresses this security requirement.
- Integrations Third-party to which Jit requires access in order to address this security requirement.
- Plans Plans that include this security requirement.
- Supported Languages Each specific security tool and its respective language compatibility.
To view the YAML code of your plan —which is stored in the .jit repository— select the Live on Github button. Github opens in a new browser window.
To add a security requirement:
- Select Browse Catalog.
- Check the boxes on the left side of the dialog to filter security requirements.
- Check the boxes of the security requirements you wish to include.
- Select Add Requirements.
- Select Commit Plan to save your changes, which Jit accomplishes by modifying the contents of the .jit repository located in your source code management platform.
- You can batch-select filtered security requirements using the Select Requirements checkbox.
- Some security requirements may require additional integration steps before you can commit the change to your plan. For further information, reference the specific security requirement you wish to add in the Security Requirements chapter.
Jit enables you to choose which assets (Github repositories for code scanning, Github Organization for the security of the SCM itself, AWS Account ID) are protected under your security plan.
To include/exclude repositories:
- Select Manage Repos from the top-right corner of the page.
- Check or uncheck repositories as needed. Repositories that are not checked will not be protected by Jit.
- Select Done to save your changes.
Updated 16 days ago