DefectDojo is a security program and vulnerability management tool. It allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one source of truth with the tool.
Try out it in our testing environment with the following credentials.
- admin / defectdojo@demo#appsec
- product_manager / defectdojo@demo#product
git clone https://github.com/DefectDojo/django-DefectDojo
Navigate to http://localhost:8080.
For detailed documentation you can visit Read the Docs.
We’ve also created some example workflows that should give you an idea of how to use it for your own team.
- Install the DefectDojo Python API via
pip install defectdojo_apior clone the repository.
- Browse the API on SwaggerHub.
- Engagement Surveys – A plugin that adds answerable surveys to engagements.
- LDAP Integration
- SAML Integration
- Multi-Factor Auth