Jit is an application security platform that integrates multiple security scanning capabilities into a unified developer-focused interface.

The platform incorporates several key security scanning functionalities:
- Static Application Security Testing (SAST) for custom code analysis
- Software Composition Analysis (SCA) for open source dependency scanning
- Infrastructure as Code (IaC) security scanning
- Cloud Security Posture Management (CSPM)
- Container and Kubernetes security scanning
- Software Bill of Materials (SBOM) generation
- Secrets detection
- Dynamic Application Security Testing (DAST)
- CI/CD pipeline security checks

The platform integrates with common development environments and cloud platforms including:
- GitHub and GitLab for source code management
- AWS, Azure, and GCP for cloud infrastructure
- VS Code for IDE integration
- Jira and Slack for workflow integration

Key functionalities include:
- Automated security scanning during pull requests
- Contextual risk prioritization of security findings
- Security policy management and enforcement
- Team-based security reporting
- Automated remediation capabilities
- Vulnerability management workflow

The platform aims to implement security controls within existing development workflows while providing visibility and management capabilities for security teams.
SIMILAR TOOLS
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.
ConDroid performs concolic execution of Android apps to observe 'interesting' behavior in dynamic analysis.
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.