Skip to content

yjerez/django-DefectDojo

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2,199 Commits

.github

.github

 
 

components

components

 
 

docker

docker

 
 

dojo

dojo

 
 

entrypoint_scripts

entrypoint_scripts

 
 

helm/defectdojo

helm/defectdojo

 
 

nginx

nginx

 
 

tests

tests

 
 

travis

travis

 
 

.dockerignore

.dockerignore

 
 

.flake8

.flake8

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

DOCKER.md

DOCKER.md

 
 

DefectDojoMaintainers.md

DefectDojoMaintainers.md

 
 

Dockerfile.django

Dockerfile.django

 
 

Dockerfile.nginx

Dockerfile.nginx

 
 

KUBERNETES.md

KUBERNETES.md

 
 

LICENSE.md

LICENSE.md

 
 

MAINTAINERS.md

MAINTAINERS.md

 
 

PULL_REQUEST_TEMPLATE.md

PULL_REQUEST_TEMPLATE.md

 
 

README.md

README.md

 
 

SECURITY.md

SECURITY.md

 
 

SPONSORING.md

SPONSORING.md

 
 

app.json

app.json

 
 

docker-compose.yml

docker-compose.yml

 
 

legacy-setup.bash

legacy-setup.bash

 
 

manage.py

manage.py

 
 

requirements.txt

requirements.txt

 
 

setup-docker.bash

setup-docker.bash

 
 

setup.bash

setup.bash

 
 

setup.py

setup.py

 
 

upgrade.bash

upgrade.bash

 
 

wsgi.py

wsgi.py

 
 

wsgi_params

wsgi_params

 
 

Repository files navigation

DefectDojo

OWASP Flagship GitHub release YouTube Subscribe Twitter Follow

Build Status Documentation Status CII Best Practices

Screenshot of DefectDojo

DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one source of truth with DefectDojo.

Demo

Try out DefectDojo in our testing environment with the following credentials.

  • admin / defectdojo@demo#appsec
  • product_manager / defectdojo@demo#product

Quick Start

git clone https://github.com/DefectDojo/django-DefectDojo
cd django-DefectDojo
docker-compose up

Navigate to http://localhost:8080.

Documentation

For detailed documentation you can visit Read the Docs.

Installation Options

Getting Started

We recommend checking out the about document to learn the terminology of DefectDojo and the getting started guide for setting up a new installation. We've also created some example workflows that should give you an idea of how to use DefectDojo for your own team.

Client APIs

  • Install the DefectDojo Python API via pip install defectdojo_api or clone the repository.
  • Browse the API on SwaggerHub. Swagger Status

Getting Involved

Slack

Realtime discussion is done in the OWASP Slack Channel, #defectdojo. Get Access.

Twitter

DefectDojo Twitter Account tweets project updates and changes.

Available Plugins

Engagement Surveys – A plugin that adds answerable surveys to engagements.

LDAP Integration

SAML Integration

Multi-Factor Auth

About Us

DefectDojo is maintained by:

Hall of Fame

  • Charles Neill (@ccneill) – Charles served as a DefectDojo Maintainer for years and wrote some of Dojo's core functionality.
  • Jay Paz (@jjpaz) – Jay was a DefectDojo maintainer for years. He performed Dojo's first UI overhaul, optomized code structure/features, and added numerous enhancements.

Contributing

We greatly appreciate all of our contributors.

We would also like to highlight the contributions from Michael Dong and Fatimah Zohra who contributed to DefectDojo before it was open source.

Swag Rewards

If you fix an issue with the swag reward tag, we'll send you a shirt and some stickers!

Dojo tshirt front

Support

Proceeds are used for testing, infrastructure, etc.

PayPal

Sponsors

Xing 10Security GCSecurity

Interested in becoming a sponsor and having your logo displayed? Please review our sponsorship information or email greg.anderson@owasp.org

License

DefectDojo is licensed under the BSD Simplified license

About

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

www.defectdojo.org/

Resources

Readme

License

BSD-3-Clause license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

30 tags

Packages

No packages published

Languages

  • Python 53.0%
  • HTML 41.5%
  • Shell 3.6%
  • CSS 1.1%
  • JavaScript 0.3%
  • XSLT 0.3%
  • Smarty 0.2%