boldstart ventures
Published in

boldstart ventures

Jit — security as code, welcome to boldstart

As a day one partner for technical founders, we loved to invest in founders building 🏗️ at the intersection of developer tooling and security. Ever since we first partnered with Snyk in 2015, we’ve made additional investments in shift ⬅️, developer first security companies like Slim (dev first container security), Cloudquery (dev first cloud asset inventory), and now Jit which is the launching the world’s first security as code platform for developers. Today, we’re thrilled to announce that boldstart led Jit’s $38.5M seed round joined by Insight Partners, Tiger Global, TechAviv, and strategic angel investors like Abby Kearns, former CTO of Puppet. We’re also excited to partner on day one with another founding team out of Israel along with companies like Snyk, BigID, Reco, Cloudquery, and many more.

We were first introduced to David Melamed and Aviram Shmueli through our friends at FXP (Gil Zimmermann, Ron Zalkind, Tsahy Shapsa) who co-founded Jit along with David and Aviram. It all started with the idea of Minimal Viable Security and how to help companies not only create a security plan from day zero but also let developers seamlessly and automatically implement it with each pull request. Given David and Aviram’s prior security experience as engineering and product leads for companies like Cisco, Cloudlock, SentinelOne, and Cyberark along with the company building experience from team FXP, we knew they were the team to back. While we did not know exactly what would be built, the idea of a bottoms up motion focused on developer experience and instant time to value was a product direction we all signed up for when we wrote our first check in early 2021.

In our opinion the timing couldn’t be any better for Jit. While the idea of shift ⬅️ security has been gaining traction over the last few years with many modern development organizations, the market is still super early. In addition, we’ve witnessed the launch of a plethora of developer-friendly open source and proprietary security tools resulting in chaos for many engineering and security teams as more time is spent integrating and making these disparate solutions work instead of finding and fixing vulnerabilities. Like the traditional DevOps market where many companies choose a best-of-breed tooling framework, the time is now to offer the same integration capabilities for the fast growing DevSecOps market. An orchestration layer to unify these tools while natively integrating the security as code experience into the developer workflow is desperately needed. Enter Jit, the first solution that allows developers to easily embed minimal viable security from day zero resulting in security at the speed of code. What took companies 18 months to come up with a security plan and implement as code now takes minutes to get started and run the necessary scans and fixes on source code, IaC and pipeline. Check out the security plan and PR scan below…

Like MVP for product development, MVS is a lean, iterative approach to adding security ‘Just-In-Time’. Following GitOps principles, Jit allows users to express MVS as a declarative security plan, specifying the security tools (open source, cloud native) and workflows across a customer’s entire stack. Jit automatically orchestrates security tools and workflows, as per the declarative MVS plan across Source Code, IaC and Pipeline. The Orchestration Framework’s plug-in architecture unifies the execution and interfaces of any security control, enabling a much simpler and consistent developer experience.

We are proud and 🙏🏼 to partner with the Jit team on day one, collaborate with the amazing FXP team for a second time, and lead Jit’s $38.5M seed round alongside Insight Partners, Tiger Global, TechAviv and prominent angels like Abby Kearns.

Welcome to the Boldstart family Jit and try it for free here.

More on the round from VentureBeat and from Jit.



day one partner and true believer for developer first & SaaS founders

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ed Sim

@boldstartvc day one partner + true believer for developer first, crypto infra & SaaS founders