Skip to content

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

License

Notifications You must be signed in to change notification settings

flexion/django-DefectDojo

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DefectDojo

OWASP Flagship GitHub release YouTube Subscribe Twitter Follow

Unit TestsIntegration Tests CII Best Practices

Screenshot of DefectDojo

DefectDojo is a security orchestration and vulnerability management platform. DefectDojo allows you to manage your application security program, maintain product and application information, triage vulnerabilities and push findings to systems like JIRA and Slack. DefectDojo enriches and refines vulnerability data using a number of heuristic algrothims that improve with the more you use the platform.

Demo

Try out the demo sever at demo.defectdojo.org

Log in with admin / defectdojo@demo#appsec. Please note that the demo is pubicly accessable and regularly reset. Do not put sensitive data in the demo.

Quick Start

git clone https://github.com/DefectDojo/django-DefectDojo
cd django-DefectDojo
# building
docker-compose build
# running
docker-compose up
# obtain admin credentials. the initializer can take up to 3 minutes to run
# use docker-compose logs -f initializer to track progress
docker-compose logs initializer | grep "Admin password:"

Navigate to http://localhost:8080.

Supported Installation Options

Community, Getting Involved, and Updates

Slack LinkedIn Twitter Youtube

Join the slack community and discussion! Realtime discussion is done in the OWASP Slack Channel, #defectdojo. Follow DefectDojo on Twitter, Linkedin, and YouTube for project updates!

Commercial Support and Training

Commercial support and training is availaible through 10Security.

10Security was founded by the creators of DefectDojo. For information please email info@10security.com or visit our site.

About Us

DefectDojo is maintained by:

Project Moderators

Project Moderators can help you with pull requests or feedback on dev ideas.

Hall of Fame

  • Charles Neill (@ccneill) – Charles served as a DefectDojo Maintainer for years and wrote some of Dojo's core functionality.
  • Jay Paz (@jjpaz) – Jay was a DefectDojo maintainer for years. He performed Dojo's first UI overhaul, optimized code structure/features, and added numerous enhancements.

Sponsors

10Security ISAAC Tim Pagel Cloudbees ARRIVAL WeHackPurle MiabornWolff

License

DefectDojo is licensed under the BSD Simplified license

About

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

Resources

License

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages

  • HTML 69.9%
  • Python 28.8%
  • JavaScript 0.6%
  • Smarty 0.3%
  • Shell 0.2%
  • CSS 0.2%