0

django-DefectDojo

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

Official Site
Github repo
Main metrics

Github stars Tracking Chart

DefectDojo

OWASP Flagship GitHub release YouTube Subscribe Twitter Follow

Build Status Documentation Status CII Best Practices

Screenshot of DefectDojo

DefectDojo is a security program and
vulnerability management tool.
DefectDojo allows you to manage your application security program, maintain
product and application information, schedule scans, triage vulnerabilities and
push findings into defect trackers.
Consolidate your findings into one source of truth with DefectDojo.

Demo

Try out DefectDojo in our
testing environment with the following
credentials.

  • admin / defectdojo@demo#appsec
  • product_manager / defectdojo@demo#product

Quick Start

git clone https://github.com/DefectDojo/django-DefectDojo
cd django-DefectDojo
# building
docker-compose build
# running
docker-compose up

Navigate to http://localhost:8080.

Documentation

For detailed documentation you can visit
Read the Docs.

Supported Installation Options

Getting Started

We recommend checking out the
about document to
learn the terminology of DefectDojo and the
getting started guide
for setting up a new installation.
We've also created some example
workflows that
should give you an idea of how to use DefectDojo for your own team.

Client APIs

  • Install the DefectDojo Python API via pip install defectdojo_api or clone
    the repository.
  • Browse the API on
    SwaggerHub.
    Swagger Status

Getting Involved

Slack

Realtime discussion is done in the OWASP Slack Channel, #defectdojo.
Get Access.

Twitter

More info: Contributing guideline

DefectDojo Twitter Account tweets project
updates and changes.

Available Plugins

Engagement Surveys
– A plugin that adds answerable surveys to engagements.

LDAP Integration

SAML Integration

Multi-Factor Auth

About Us

DefectDojo is maintained by:

Project Moderators

Project Moderators can help you with pull requests or feedback on dev ideas.

Hall of Fame

  • Charles Neill (@ccneill) – Charles served as a
    DefectDojo Maintainer for years and wrote some of Dojo's core functionality.
  • Jay Paz (@jjpaz) – Jay was a DefectDojo
    maintainer for years. He performed Dojo's first UI overhaul, optomized code structure/features, and added numerous enhancements.

Contributing

We greatly appreciate all of our
contributors.

We would also like to highlight the contributions from Michael Dong and Fatimah
Zohra who contributed to DefectDojo before it was open source.

Swag Rewards

If you fix an issue with the swag reward tag, we'll send you a shirt and some
stickers!

Dojo tshirt front

Support

Proceeds are used for testing, infrastructure, etc.

PayPal

Sponsors

Xing
10Security
GCSecurity
ISAAC
Timo-Pagel
SDA-SE
Signal-Iduna
WSO2

Interested in becoming a sponsor and having your logo displayed? Please review
our sponsorship information or email greg.anderson@owasp.org

License

DefectDojo is licensed under the BSD Simplified license

Main metrics

Overview
Name With OwnerDefectDojo/django-DefectDojo
Primary LanguageHTML
Program languagePython (Language Count: 8)
Platform
License:BSD 3-Clause "New" or "Revised" License
所有者活动
Created At2015-02-19 17:53:47
Pushed At2025-04-24 12:44:04
Last Commit At2025-04-21 20:33:19
Release Count240
Last Release Name2.45.2 (Posted on 2025-04-22 02:33:47)
First Release Namev1.0 (Posted on 2015-04-02 22:56:03)
用户参与
Stargazers Count4k
Watchers Count206
Fork Count1.6k
Commits Count12k
Has Issues Enabled
Issues Count2967
Issue Open Count341
Pull Requests Count7559
Pull Requests Open Count37
Pull Requests Close Count1491
项目设置
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private