Getting Started

Welcome to Getting Started

This guide explains how to perform Jit tasks that are typically the responsibility of your engineering organization's product security champion, beginning with the process of onboarding your organization with Jit.

Things to know before you onboard....

Who is a product security champion?

The product security champion is responsible for deploying Jit, managing the security plan, and the general administration of the Jit solution. In practice, security champions are typically technical leads in the R&D organization who have a clear, high-level perspective on the unique product security needs of their cloud app.

Jit and GitHub

The Jit security platform is designed specifically to be integrated into GitHub to protect your entire software development lifecycle (SDLC). When onboarding to Jit, you are required to log in with GitHub. Once in the Jit platform, you will need to integrate with GitHub (install the Jit GitHub app) in order to progress.

By integrating the GitHub app, you can:

  • Configuration as Code, Jit settings are stored in your GitHub. You can configure product/service integrations as code for cloud, web apps, API security scanning, and third-party workflows.
  • Privacy-focused code scanning, Jit continuously scans your GitHub repos and organization for security vulnerabilities and offers remediation. Jit scans run directly in your GitHub using GitHub Actions.
  • Dev-friendly GitHub interactions, Jit comments with actions (remediations) only on security vulnerabilities that are part of a PR change.

What’s Next