Get a custom quote

As security professionals, we feel per-app/user pricing acts like ransomware, forcing security teams to try to find additional budget mid-cycle. This is why we offer a license model that gives customers more control over their license and spend.

DefectDojo’s pricing model is based on what you store for two reasons:

  1. You can clean up data when necessary between budget cycles and always stay within your license.

  2. It is the metric most closely associated with the cost to deliver services, as our auto-triage functions run over the entirety of your data.

What is considered a Finding?

A finding is what a security scanner or security tool reports. It can also be thought of as a ‘vulnerability’ or an ‘alert’. However, DefectDojo uses a number of machine-learning-powered consolidation algorithms, so it isn’t uncommon for a tool to report 100 findings and for DefectDojo to turn that into 20 or fewer Dojo Findings.

What is considered an Endpoint?

An Endpoint is where a dynamic finding is located. It can be an IP, hostname, container image identifier or similar.

How do you arrive at final pricing?

We arrive at a flat number based on the number of Findings + Endpoints. Licensing is additive, not multiplicative, to be as customer-friendly as possible. For example, if you have 10 findings that impact 100 endpoints, that would count as 110 towards your license, not 1,000.

DefectDojo is trusted by top organizations like Microsoft and Alibaba.