DefectDojo is a tool created by the Security Engineering team at Rackspace to track testing efforts. It attempts to streamline the testing process by offering features such as templating, report generation, metrics, and baseline self-service tools. Though it was designed with security folks in mind, there is nothing keeping QA/QE testers, or any other testers for that matter, from using it productively.
If you'd like to check out a demo of DefectDojo before installing it, you can check out our PythonAnywhere demo site.
You can log in as an administrator like so:
You can also log in as a product owner / non-staff user:
For additional documentation you can visit our Read the Docs site.
Jay has also created a detailed guide for setting up DefectDojo on Ubuntu 14.04.
We recommend checking out the about document to learn the terminology of DefectDojo, and the getting started guide for setting up a new installation. We've also created some example workflows that should give you an idea of how to use DefectDojo for your own team.
We discuss updates and changes on the DefectDojo OWASP Mailing List.
The DefectDojo Twitter Account tweets project updates and changes.
Engagement Surveys - A plugin that adds answerable surveys to engagements.
DefectDojo is maintained by:
With past contributions from:
- Fatimah Zohra
- Michael Dong
DefectDojo is licensed under the BSD Simplified license