The DefectDojo is an association of open source application vulnerabilities and security application.
Allows you to manage your application security program, maintain product and application information, scan schedules, discover vulnerabilities, and forward findings found on security system crawlers.
While traceability and measurements are the ultimate goal, the DefectDojo is a debugger at its core. The program allows traceability between multiple projects and test cycles and allows detailed reporting.
How it works DefectDojo;
The DefectDojo is based on a model that allows for absolute flexibility in test monitoring needs.
- Its operation DefectDojo starts with a product type.
- Each product type can have one or more products.
- Each product may have one or more commitments.
- Each commitment can have a test.
- Each Test may have one or more findings
$ git clone https://github.com/DefectDojo/ django-DefectDojo $ cd django-DefectDojo $ ./setup.bash $ ./run_dojo.bash
You will find a user guide for the program here.