This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP DefectDojo Project"

From OWASP

Jump to: navigation, search

Revision as of 14:53, 4 June 2018

OWASP DefectDojo Tool Project

An open source vulnerability management tool that streamlines the testing process by offering templating, report generation, metrics, and baseline self-service tools.

DefectDojo is a tracking tool written in Python / Django. DefectDojo was created in 2013 and open-sourced on March 13th, 2015. The project was started to make optimizing vulnerability tracking less painful. The top goal of DefectDojo is to reduce the amount of time security professionals spend logging vulnerabilities. DefectDojo accomplishes this by offering a templating system for vulnerabilities, imports for common vulnerability scanners, report generation, and metrics.

Description

DefectDojo streamlines the testing process through several 'models' that an admin can manipulate with Python code. The core models include: 'engagements', 'tests' and 'findings'. DefectDojo has supplemental models that facilitate metrics, authentication, report generation, and tools. DefectDojo is written in Python 2.7 with Django 1.8.

Testing or installing DefectDojo is easy. There is a live demo for interested parties to try Dojo here. If you decide to setup an instance of Dojo for your organization, we have developed a script that handles all dependencies, configures the database, and creates a super user. Complete installation instructions are found here. A complete walk-through can be found here. Documented example workflows can be found [1].

Licensing

DefectDojo is licensed under the BSD Simplified License.

Project Resources

Live Demo

Source Code

Getting Started Guide

What's New

Issue Tracker

Project Leaders

Related Projects

OWASP AppSec Pipeline

Classifications

News and Events

[15 Dec 2017] Version 1.2.1 Released
[20 Sep 2017] Version 1.2.0 Released
[19 Dec 2016] Version 1.1.3 Released
[12 Nov 2016] Version 1.1.2 Released
[13 Oct 2016] Version 1.1.1 Released
[1 Oct 2016] Version 1.1.0 Released
[22 Dec 2015] Version 1.0.5 Released
[08 Sep 2015] Version 1.0.4 Released
[27 Jul 2015] Version 1.0.3 Released
[16 Jun 2015] Version 1.0.2 Released
[30 Sep 2015] Version 1.0.1 Released
[02 Apr 2015] Version 1.0.0 Released
[15 Mar 2015] DefectDojo is open-sourced

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_DefectDojo_Project&oldid=241121"

Categories:

Hidden category:

OWASP DefectDojo

@@ Line 37: / Line 37: @@
 [https://www.owasp.org/index.php/User:Grendel Jay Paz][mailto:jay.paz@owasp.org @]
+[https://www.owasp.org/index.php/User:Aweaver Aaron Weaver][mailto:aaron.weaver@owasp.org @]
 == Related Projects ==

Difference between revisions of "OWASP DefectDojo Project"

Revision as of 14:53, 4 June 2018

OWASP DefectDojo Tool Project

Description

Licensing

Project Resources

Project Leaders

Related Projects

Classifications

News and Events

How can I participate in your project?

If I am not a programmer can I participate in your project?

Contributors

Sponsors

Roadmap

Getting Involved

Coding

Localization

Testing

Feedback

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools