Articles from DefectDojo

DefectDojo, the leader in scalable security, unified vulnerability management and DevSecOps, today announced new automated Known Exploited Vulnerabilities (KEV) data enrichment features for DefectDojo Pro. Ahead of the European Union’s full enforcement of the Cyber Reliance Act (CRA) in 2027, organizations with any EU operations need to ensure their application security (AppSec) program meets the act’s stringent new compliance requirements or risk significant consequences. In addition to checking a major compliance box, the new data enrichment capabilities will help any organization, regardless of location, more efficiently surface truly critical findings and immediately begin addressing them.

DefectDojo, the leader in scalable security, unified vulnerability management and DevSecOps, today announced the launch of Model Context Protocol (MCP) support in DefectDojo Pro, providing cybersecurity teams the ability to safely take an AI-first approach to organizational security. Dojo Pro users can now connect the platform to any third-party or custom model that supports MCP to create a more effective cybersecurity AI with one simple setup.

DefectDojo, the pioneer in scalable security, unified vulnerability management and DevSecOps, today announced the launch of their next-gen Security Operations Center (SOC) capabilities for DefectDojo Pro, which provides both SOC and AppSec professionals a unified platform for noise reduction and prioritization of SOC alerts and AppSec findings. As both SOC and AppSec teams attempt to cut through noisy data from a sprawling set of tools and sources, Dojo Pro now allows two security teams to work from the same platform in a way no other solution has offered to date.

DefectDojo, the pioneer in scalable security, unified vulnerability management and DevSecOps, today announced the launch of risk-based prioritization capabilities for DefectDojo Pro. This new feature enables application and infrastructure security teams to prioritize vulnerabilities based on real-world risk—not just severity scores—using a range of factors including exploitability, reachability, revenue impact, potential compliance penalties, user records and more.

DefectDojo, the pioneer in scalable security, unified vulnerability management and DevSecOps, today announced the winners of its inaugural Open-Source Security Awards. These awards recognize the most impactful open-source security tools that AppSec and DevSecOps teams rely on to achieve meaningful security programs with tight, or no budget. Far too often security is gate-kept by budgets leading to the AppSec industry primarily targeting large enterprises and leaving other organizations between a rock and hard place as they work to create meaningful security programs and protect themselves from exploits.

DefectDojo, the pioneer in scalable unified vulnerability management and DevSecOps, today announced its first-ever Community Month with a number of product updates, new initiatives to recognize the platform’s major open-source contributors and a greater presence at events designed for open-source cybersecurity professionals. As the only open-source solution in the ASPM (application security posture management) space, DefectDojo’s commitment to ongoing open-source and community support underscores its belief that actionable security programs should be available to everyone.

DefectDojo, the pioneer in scalable unified vulnerability management and DevSecOps, today announced the release of the DefectDojo Rules Engine, available in early access for DefectDojo Pro users. With this feature, teams can create rules to automatically manipulate, edit, enhance, add custom remediation advice, escalate, or de-escalate specific findings, enabling security teams to better prioritize major issues or further enhance findings from their security tools without significant human intervention or manual effort.

DefectDojo, the pioneer in scalable unified vulnerability management and DevSecOps, today announced the launch of its universal parser for security data ingestion on the Dojo Pro platform. With the universal parser, DefectDojo can support all security tools producing JSON or XML data, the two most common data types in ASPM, streamlining data ingestion for more efficient vulnerability response. The universal parser also helps security teams future-proof their operations against formatting changes or the launch of new tools, solving security data ingestion once and for all.

DefectDojo, the pioneer in scalable application security, today announced a $7 million funding round to respond to demand and accelerate its mission of connecting security strategy with execution for smarter risk management. Its latest round of funding, led by Iolar Ventures and Aspenwood Ventures, will fuel innovation, product development and market expansion.