Documentation
Homepage
Demo Site
GitHub
DefectDojo's Documentation
Getting started
Architecture
Installation
Configuration
Running in production
Upgrading
Demo
Usage
Core data classes
Features
Permissions
Questionnaires
Example workflows
Performance Enhancements
Integrations
Importing
Supported reports
Files
API Pull
DefectDojo API v2
Authentication via OAuth2/SAML2
Authentication via LDAP
JIRA integration
Source code repositories
Notifications
Google Sheets synchronisation
Defect Dojo Burp plugin
Languages and lines of code
Rate Limiting
Exporting
Contributing
Parsers
Documentation
Branching model
Proprietary Plugins
Plus
Cloud Manager
Custom Settings
Dark Mode
License Manager
Version Manager
Pro
Enhanced Dashboard
General Enhancements
Smart Upload
Enterprise
Coming soon...
Edit this page
Create child page
Create documentation issue
Integrations
Supported reports
Files
Files
Report uploaded to DefectDojo as files
Acunetix 360 Scanner
Acunetix Scanner
Anchore Enterprise Policy Check
Anchore Grype
Anchore-Engine
AnchoreCTL Policies Report
AnchoreCTL Vuln Report
AppSpider (Rapid7)
Aqua
Arachni Scanner
AuditJS (OSSIndex)
AWS Prowler Scanner
AWS Prowler V3
AWS Scout2 Scanner (deprecated)
AWS Security Finding Format (ASFF)
AWS Security Hub
Azure Security Center Recommendations Scan
Bandit
Blackduck Component Risk
Blackduck Hub
Brakeman Scan
Bugcrowd
Bundler-Audit
Burp Enterprise Scan
Burp GraphQL
Burp REST API
Burp XML
CargoAudit Scan
Checkmarx
Checkov Report
Clair Klar Scan
Clair Scan
Cloudsploit (AquaSecurity)
Cobalt.io Scan
Codechecker Report native
CodeQL
Contrast Scanner
Coverity API
Crashtest Security
CredScan Report
CycloneDX
DawnScanner
Dependency Check
Dependency Track
Detect-secrets
docker-bench-security Scanner
Dockle Report
DrHeader
DSOP Scan
Edgescan
ESLint
Fortify
Generic Findings Import
Ggshield
Github Vulnerability
GitLab API Fuzzing Report Scan
GitLab Container Scan
GitLab DAST Report
GitLab Dependency Scanning Report
GitLab SAST Report
GitLab Secret Detection Report
Gitleaks
Gosec Scanner
Govulncheck
HackerOne Cases
Hadolint
Harbor Vulnerability
HCL Appscan
Horusec
HuskyCI Report
Hydra
IBM AppScan DAST
Immuniweb Scan
IntSights Report
JFrog Xray API Summary Artifact Scan
JFrog XRay Unified
JFrogXRay
KICS Scanner
Kiuwan Scanner
kube-bench Scanner
kubeHunter Scanner
Meterian Scanner
Microfocus Webinspect Scanner
MobSF Scanner
Mobsfscan
Mozilla Observatory Scanner
Netsparker
NeuVector (compliance)
NeuVector (REST)
Nexpose XML 2.0 (Rapid7)
Nikto
Nmap
Node Security Platform
NPM Audit
Nuclei
Openscap Vulnerability Scan
OpenVAS CSV
OpenVAS XML
ORT evaluated model Importer
OssIndex Devaudit
Outpost24 Scan
PHP Security Audit v2
PHP Symfony Security Checker
pip-audit Scan
PMD Scan
Popeye
PWN Security Automation Framework
Qualys Infrastructure Scan (WebGUI XML)
Qualys Scan
Qualys Webapp Scan
Retire.js
Risk Recon API Importer
Rubocop Scan
Rusty Hog parser
SARIF
Scantist Scan
ScoutSuite
Semgrep JSON Report
SKF Scan
Snyk
Solar Appscreener Scan
SonarQube
Sonatype
SpotBugs
SSH Audit
SSL Labs
Sslscan
Sslyze Scan
StackHawk HawkScan
Sysdig Vulnerability Reports
Talisman
Tenable
Terrascan
Testssl Scan
TFSec
Threagile
Trivy
Trivy Operator
Trufflehog
Trufflehog3
Trustwave
Trustwave Fusion API Scan
Twistlock
Veracode
Veracode SourceClear
Visual Code Grepper (VCG)
Wapiti Scan
Wazuh Scanner
Wfuzz JSON importer
Whispers
WhiteHat Sentinel
Whitesource Scan
Wpscan Scanner
Xanitizer
Yarn Audit
Zed Attack Proxy
Last modified November 30, 2023:
Bump cryptography from 41.0.5 to 41.0.6 (#9070) (2f44d42)