# DefectDojo Reviews
**Vendor:** DefectDojo  
**Category:** [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner)  
**Average Rating:** 4.6/5.0  
**Total Reviews:** 11
## About DefectDojo
DefectDojo unifies and automates vulnerability management, enabling security teams to focus on strategic, data-driven analysis. We help teams reduce time spent on manual tracking and consolidate vulnerabilities from existing tools for seamless vulnerability management.




## DefectDojo Reviews
  ### 1. DefectDojo: Ultimate Vulnerability Management Solution

**Rating:** 4.5/5.0 stars

**Reviewed by:** Anjali A. | Offensive security Analyst , Mid-Market (51-1000 emp.)

**Reviewed Date:** July 22, 2024

**What do you like best about DefectDojo?**

Defectdojo has all the Possible features which is needed for Vulnerability Management. if you want to showcase the test which is done in last month you can showcase that with easy matric.

**What do you dislike about DefectDojo?**

Enterprise version is too slow if i upload large file /.

**What problems is DefectDojo solving and how is that benefiting you?**

Defectdojo is majorlly helping with me is manage monthly vulnerability . if previous month vulnerability not in present month so it will be automatically closed in current month.

  ### 2. A pertinacious and authentic platform for security programs in the organization

**Rating:** 4.5/5.0 stars

**Reviewed by:** Henry E. | Systems Analyst, Information Technology and Services, Small-Business (50 or fewer emp.)

**Reviewed Date:** February 16, 2024

**What do you like best about DefectDojo?**

The product has a very simple user interface that enables most users to easily navigate around without any hardship or challenge as it is a straightforward tool to most beginners. The software integration with Jira has a huge impact hence it enhances productivity.  The software has a very great source vulnerability management tool and because of this, I would recommend it to all the users.

**What do you dislike about DefectDojo?**

I can't give five stars to the platform as it has poor customer support that doesn’t respond and solve customers' issues as supposed to be as it is an open-source solution.

**What problems is DefectDojo solving and how is that benefiting you?**

The platform is best as it puts together many scan reports in one single platform. The product enables security engineers to spend less time when logging in vulnerability it is achieved by the platform having a vulnerability testing system. The fact that DefectDojo has an open- source model of vulnerability management makes it reduce all the huge costs of solution.

  ### 3. An industrious and dependable platform for security and vulnerability management

**Rating:** 4.5/5.0 stars

**Reviewed by:** Marilena  S. | Software Engineer , Staffing and Recruiting, Small-Business (50 or fewer emp.)

**Reviewed Date:** February 11, 2024

**What do you like best about DefectDojo?**

DefectDojo is a straightforward platform hence any user can use it effortlessly with any difficulty when using it. The product helps its users to be always updated as it provides them with notifications via Slack or email. The product has integration features hence it integrates with other reporting tools increasing productivity.

**What do you dislike about DefectDojo?**

There is not much to dislike about the product but customer support is not prioritized as the support team could take days to solve customer’s issues.

**What problems is DefectDojo solving and how is that benefiting you?**

Defectdojo with the right SLA and stakeholders helps in managing the identified vulnerabilities. The product has helped most of the security experts to spend less time logging vulnerabilities. The product favors its users as it is easy to use, manage, and easy to set up hence great for all beginners as it is effortless to mavigate.

  ### 4. Free to use vulnerability management tool

**Rating:** 4.0/5.0 stars

**Reviewed by:** Divi N. | software developer, Small-Business (50 or fewer emp.)

**Reviewed Date:** March 14, 2024

**What do you like best about DefectDojo?**

-Since its opensourced its free to use
-Supports importing reports from lots of other tools
- Easy to integrate with other tools
-SSO supported
-Easy to install

**What do you dislike about DefectDojo?**

-They are removing features from opensource version and putting them into paid version
-UI is bit finicky

**What problems is DefectDojo solving and how is that benefiting you?**

DefectDojo in my opinion was one of the best VM tool. I have used it for my multiple projects, its very easy to have multiple projects and project under same account and get statuses from all the projects at once. DefectDojo also has REST APIs hence it is very easy to integrate with other services.

  ### 5. DefectDojo is the best Open-source Vulnerability Management Tool!

**Rating:** 4.0/5.0 stars

**Reviewed by:** R V. | Mid-Market (51-1000 emp.)

**Reviewed Date:** December 19, 2023

**What do you like best about DefectDojo?**

If you are looking for a good open source vulnerability management tool, than this is it. It can be integrated with different VAPT scanner reports and the complete lifecycle management can be done for the Vulnerabilites identified.

**What do you dislike about DefectDojo?**

It should also have APIs available that can be easily integrated with certain SIEM tools.

**What problems is DefectDojo solving and how is that benefiting you?**

DefectDojo is providing an open-source model of Vulnerability Management tool and it reduces the cost of the solution.

  ### 6. Opensource Secops tool

**Rating:** 4.5/5.0 stars

**Reviewed by:** Dhaval D. | software engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** June 29, 2022

**What do you like best about DefectDojo?**

Free to use, Very powerful vulnerability management tool, very structured REST APIs, and easy to integrate with other reporting tools.

**What do you dislike about DefectDojo?**

Nothing much I can think of at the moment. But I have had trouble sometimes when deploying, like dependency errors at the first time installing.

**What problems is DefectDojo solving and how is that benefiting you?**

Very powerful tool used by the VAPT team. we're mainly using this tool with Caldera. Caldera does the vulnerability assessment and we pushed reports generated by Caldera to DefectDojo.

  ### 7. DefectDojo Review

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** December 15, 2021

**What do you like best about DefectDojo?**

Easy to use, easy to set up, easy to manage, best vulnerability management tool.

**What do you dislike about DefectDojo?**

The integration of Least Direct tools and the automatic import scan result are not present.

**Recommendations to others considering DefectDojo:**

Best tool to use for vulnerability management and easy to set up. Easy to use.

**What problems is DefectDojo solving and how is that benefiting you?**

Scan the in-house server for vulnerability management and import those results into other tools.

  ### 8. Best Open Source Vulnerability Management Tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Satykam A. | Red Team Director, Mid-Market (51-1000 emp.)

**Reviewed Date:** December 15, 2021

**What do you like best about DefectDojo?**

Ease of use, opensource, developed by OWASP team, compatible with lots of security scanners

**What do you dislike about DefectDojo?**

very less tools are supported with direct console integration, we have to manually import the scan files

**Recommendations to others considering DefectDojo:**

for the quick setup and running defectdojo use docker based installation

**What problems is DefectDojo solving and how is that benefiting you?**

Vulnerability Management, De-duplications of vulnerabilities, Single console to track all the vulnerabilities and status

  ### 9. One of the best application security vulnerability management tool ever seen.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Trilok A. | Security Consultant, Mid-Market (51-1000 emp.)

**Reviewed Date:** March 01, 2022

**What do you like best about DefectDojo?**

DefectDojo's main purpose is to cut down on the time security professionals spend logging vulnerabilities. DefectDojo achieves this by providing a vulnerability templating system, imports for popular vulnerability scanners, report production, and metrics.

**What do you dislike about DefectDojo?**

not find any unusual. haven't found any bug yet.

**Recommendations to others considering DefectDojo:**

A nice and very useful tool for application vulnerability management.

**What problems is DefectDojo solving and how is that benefiting you?**

DefectDojo's main purpose is to help security experts spend less time logging vulnerabilities. DefectDojo does this by providing a vulnerability templating system, vulnerability scanner imports, report production, and metrics.

  ### 10. DefectDojo Review

**Rating:** 5.0/5.0 stars

**Reviewed by:** Elyes C. | Application Security Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 23, 2021

**What do you like best about DefectDojo?**

The most positive side is that there is a dockerized solution for Defectdojo. On another side, the fact that you can integrate it with Jira is a huge plus.
I also appreciate the notifications via Slack and email.

**What do you dislike about DefectDojo?**

The fact that DefectDojo is an open-source solution, there is no part for customer support. Sometimes it takes you days to solve an issue.

**What problems is DefectDojo solving and how is that benefiting you?**

We are integrating too many scan reports in one single platform.

  ### 11. Defect Dojo Vulnerbility Management

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.)

**Reviewed Date:** December 23, 2021

**What do you like best about DefectDojo?**

Integration with multiple third-party tools

**What do you dislike about DefectDojo?**

Proper documentation not provided for few of tools

**What problems is DefectDojo solving and how is that benefiting you?**

Vulnerabilities identified can be managed using Defect Dojo with proper SLA and Stakeholder


## DefectDojo Discussions
  - [What is DefectDojo used for?](https://www.g2.com/discussions/what-is-defectdojo-used-for)

- [View DefectDojo pricing details and edition comparison](https://www.g2.com/products/defectdojo/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-15+02%3A44%3A59+-0500&secure%5Bsession_id%5D=8a0097fb-b9d8-4bb3-a01c-7cd88493942e&secure%5Btoken%5D=c203451a3e4c0039e83e9d6ba6715385cd7fe15584b04d898a0c57ac56cf0408&format=llm_user)

## DefectDojo Features
**Performance**
- Issue Tracking
- Detection Rate
- False Positives
- Automated Scans

**Network**
- Compliance Testing
- Perimeter Scanning
- Configuration Monitoring

**Application**
- Manual Application Testing
- Static Code Analysis
- Black Box Testing

**Agentic AI - Vulnerability Scanner**
- Autonomous Task Execution
- Proactive Assistance

## Top DefectDojo Alternatives
  - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) - 4.5/5.0 (287 reviews)
  - [Snyk](https://www.g2.com/products/snyk/reviews) - 4.5/5.0 (132 reviews)
  - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (773 reviews)