What is DefectDojo?
Exploring Information Security - Timothy De Block
English - February 06, 2017 01:00 - 22 minutes - 27.1 MB - ★★★★★ - 42 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Greg (@_GRRegg) is one of three project leads for the OWASP project DefectDojo. The project is an appsec automation and vulnerability management tool. This is something I wish was around when I first started managing vulnerabilities for the development team. It has got a lot of great features including metrics, integration with JIRA, automatic ticket creation, vulnerability de-duping, and of course it allows appsec teams to manage vulnerabilities in development. A demo site is available. It's open-source (as all OWASP projects are). I would recommend anyone having to manage vulnerabilities check this project out.
In this to the mat edition of the Exploring Information Security podcast, Greg Anderson joins me to discuss the OWASP project DefectDojo.
Greg (@_GRRegg) is one of three project leads for the OWASP project DefectDojo. The project is an appsec automation and vulnerability management tool. This is something I wish was around when I first started managing vulnerabilities for the development team. It has got a lot of great features including metrics, integration with JIRA, automatic ticket creation, vulnerability de-duping, and of course it allows appsec teams to manage vulnerabilities in development. A demo site is available. It's open-source (as all OWASP projects are). I would recommend anyone having to manage vulnerabilities check this project out.
In this episode we discuss:
What is DefectDojo?Why create the project?Why the name?Who should use the toolHow to effectively use the tool