DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one source of truth with DefectDojo.


Quick Start

$ git clone https://github.com/DefectDojo/django-DefectDojo
$ cd django-DefectDojo
$ ./setup.bash
$ ./run_dojo.bash

navigate to 127.0.0.1:8000

Demo
If you’d like to check out a demo of DefectDojo before installing it, you can check out our PythonAnywhere demo site.

You can log in as an administrator like so:

You can also log in as a product owner / non-staff user:

Additional Documentation
For additional documentation you can visit our Read the Docs site.

Installation Options

Debian, Ubuntu (16.04.2+) or RHEL-based Install Script
Docker
Ansible

Getting Started
We recommend checking out the about document to learn the terminology of DefectDojo, and the getting started guide for setting up a new installation. We’ve also created some example workflows that should give you an idea of how to use DefectDojo for your own team.

DefectDojo Client API’s

  • DefectDojo Python API: pip install defectdojo_api or clone the repository.