INTEGRATIONS

Unify Your Security Tools

With 180+ integrations, DefectDojo is the most extensible and customizable security tool on the market.

INTEGRATIONS

Unify Your Security Tools

With 180+ integrations, DefectDojo is the most extensible and customizable security tool on the market.

Categories

Software Composition Analysis (SCA) / SBOM

All
Dynamic Application Security Testing (DAST)
Infrastructure Scanning
Software Composition Analysis (SCA) / SBOM
Threat Modeling / Other
Static Application Security Testing (SAST)

SCA

AuditJS Scan

JSON

SCA

AuditJS Scan

A JavaScript/Node.js tool that leverages the Sonatype OSS Index to identify known vulnerabilities in your JavaScript & Node.js applications, helping developers secure their applications effectively.

SCA

Black Duck Binary Analysis

CSV

SCA

Black Duck Binary Analysis

Black Duck® Binary Analysis gives you visibility into open source and third-party dependencies that have been compiled into executables, libraries, containers, and firmware. You can analyze individual files using an intuitive user interface or Black Duck multifactor open source detection, which automates the scanning of binary artifacts.

SCA

Bundler-Audit Scan

TXT

SCA

Bundler-Audit Scan

A patch-level verification tool for Ruby Bundler that helps in scanning Gemfile.lock files for known security vulnerabilities, helping developers maintain secure dependencies.

SCA

Checkmarx OSA

JSON

SCA

Checkmarx OSA

Stands for Open Source Analysis; it is a tool that allows organizations to manage the risk associated with the use of open-source components in software, helping in identifying and mitigating potential security and license compliance issues.

SCA

CycloneDX Scan

XML , JSON

SCA

CycloneDX Scan

A lightweight software bill of materials (SBOM) standard designed for use in application security contexts and supply chain component analysis, helping to identify and manage vulnerabilities associated with component usage.

SCA

Dependency Check Scan

XML

SCA

Dependency Check Scan

An open-source tool suite that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities, helping in maintaining a secure codebase by managing the vulnerabilities effectively.

SCA

Dependency Track Finding Packaging Format (FPF)

JSON

SCA

Dependency Track Finding Packaging Format (FPF)

A feature of the Dependency-Track system that allows exporting findings in the Finding Packaging Format (FPF), aiding in the seamless sharing and management of vulnerability information across different platforms.

SCA

Fortify Scan

XML

SCA

Fortify Scan

A static code analyzer from Micro Focus that helps in identifying security vulnerabilities in the source code early in the development lifecycle, promoting secure coding practices and reducing the risk of security breaches.

SCA

GitLab Dependency Scanning Report

JSON

SCA

GitLab Dependency Scanning Report

A GitLab feature that scans project dependencies for known vulnerabilities, utilizing a database of known issues to help developers maintain secure and updated dependencies in their projects.

SCA

Govulncheck Scanner

JSON

SCA

Govulncheck Scanner

A tool used to scan Go language (Golang) projects for known vulnerabilities using the National Vulnerability Database, helping developers to identify and patch security issues in their Go-based applications.

SCA

JFrog Xray API Summary Artifact Scan

JSON

SCA

JFrog Xray API Summary Artifact Scan

A scan conducted through JFrog Xray's API to gather summary information on artifacts, including potential security vulnerabilities, license compliance issues, and more, aiding in the secure handling of binary artifacts.

SCA

JFrog Xray Binary Ondemand Binary Scan

JSON

SCA

JFrog Xray Binary Ondemand Binary Scan

JFrog CLI empowers you with robust scanning capabilities to ensure the security and compliance of your source code and software artifacts, including containers.

SCA

JFrog Xray Scan

JSON

SCA

JFrog Xray Scan

A security scanning solution by JFrog that integrates with JFrog Artifactory, providing detailed information on security vulnerabilities and license compliance, helping to secure your software artifacts and containers.

SCA

JFrog Xray Unified Scan

JSON

SCA

JFrog Xray Unified Scan

An extended feature of JFrog Xray that allows for the scanning of various artifacts, including Docker images, and software packages, in a unified manner, to identify security vulnerabilities and compliance issues.

SCA

Kiuwan Scan

CSV

SCA

Kiuwan Scan

A software analytics and SAST tool that scans source code to identify vulnerabilities and compliance issues, aiding organizations in maintaining secure and compliant code bases.

SCA

nancy Scan

JSON

SCA

nancy Scan

nancy is a tool to check for vulnerabilities in your Golang dependencies.

SCA

NPM Audit Scan

JSON

SCA

NPM Audit Scan

A command-line utility from npm, Inc. that analyzes Node.js project dependencies to identify known vulnerabilities, helping developers to maintain secure and up-to-date project dependencies.

SCA

OssIndex Devaudit SCA Scan Importer

JSON

SCA

OssIndex Devaudit SCA Scan Importer

A tool that allows for the importation of software composition analysis (SCA) scans conducted using the DevAudit tool against the OSS Index vulnerability database, aiding in the identification and management of open-source vulnerabilities.

SCA

OSV Scanner

JSON

SCA

OSV Scanner

Use OSV-Scanner to find existing vulnerabilities affecting your project’s dependencies.

SCA

PHP Symfony Security Check

SCA

PHP Symfony Security Check

A security checker tool for PHP Symfony applications, which scans the project dependencies for known vulnerabilities, aiding developers in maintaining secure and compliant Symfony projects.

SCA

pip-audit Scan

JSON

SCA

pip-audit Scan

A tool that scans Python environments and analyzes installed packages against known vulnerability databases to identify security issues, helping Python developers to maintain secure code by managing vulnerable dependencies.

SCA

Retire.js Scan

JSON

SCA

Retire.js Scan

A scanner tool that identifies JavaScript files with known vulnerabilities in your web applications, utilizing a database of known vulnerabilities from Retire.js repository, assisting developers in maintaining secure JavaScript applications.

SCA

Snyk Code

JSON

SCA

Snyk Code

Snyk output file (snyk test --json > snyk.json) can be imported in JSON format.

SCA

Sonatype Application Scan

JSON

SCA

Sonatype Application Scan

A security solution that scans applications to identify open-source risk, policy violations, and security vulnerabilities, helping organizations maintain secure applications by managing risks associated with open-source components.

SCA

Veracode SourceClear Scan

CSV , JSON

SCA

Veracode SourceClear Scan

A tool by Veracode that identifies vulnerabilities in open-source components used in applications, helping developers maintain secure open-source usage.

SCA

Whitesource Scan(Now known as Mend)

JSON

SCA

Whitesource Scan(Now known as Mend)

A solution that identifies vulnerabilities in open-source components used in applications, offering automated remediation and compliance reporting to maintain secure open-source usage.

SCA

Yarn & Yarn 2 Audit Scan

JSON

SCA

Yarn & Yarn 2 Audit Scan

A command in the Yarn package manager that identifies known vulnerabilities in project dependencies, helping to maintain secure Node.js applications by managing vulnerability risks in dependencies.