LoginBook a Demo
credit_card

Pricing

Simple and Transparent Pricing

DefectDojo is customer-first and our pricing model reflects that ethos. Clarity and value are at the heart of what we do. We believe that every company, regardless of size or budget, should have access to the best security tools. That's why we offer both open source and enterprise editions. 

Pricing_Hero_New
Pricing_Hero_New
Pro Icon

Upgrade to DefectDojo Pro

Get 30% Off DefectDojo Pro

For a limited time we're offering a 30% off promotion for DefectDojo Pro. Upgrade by June 5th, 2026 to take advantage of this exclusive offer.  

With over 200+ supported integrations, teams can triage, deduplicate, and automate findings across their security stack.

DefectDojo Pro makes it even easier for security teams to import, customize, and scale findings across SAST, SCA, IaaS, SOC, and more.


DefectDojo’s pricing model is based on what you store for two reasons:

  1. You can cleanup data and always stay within license when necessary between budget cycles.
  2. It is the metric most closely associated with the cost to deliver services, as our auto-triage functions run over the entirety of your data.
Features Icon

Why Upgrade

Everything your team needs to move faster on risk

The free tier gets you started. Pro gets you there. Here's what makes the difference when your security program starts to scale. Not sure if you're ready for Pro? Run through this quick checklist in our blog.

DefectDojo Features

 

Free

 

Pro

Core finding import & deduplication

 

check

 

check

Authentication (username, LDAP, SAML, OAuth)

 

check

 

check

Role-based access control (RBAC)

 

check

 

check

REST API & Swagger UI

 

check

 

check

Manual import & reimport

 

check

 

check

Basic dashboard & reporting

 

check

 

check

Automation (Rules Engine)

 

uncheck

 

check

Tunable deduplication

 

uncheck

 

check

Background imports

 

uncheck

 

check

CLI & integrations (Snyk, SonarQube, AWS, etc.)

 

uncheck

 

check

Universal parser (CSV/JSON)

 

uncheck

 

check

Customizable dashboards & dark mode

 

uncheck

 

check

Cloud-hosted option

 

uncheck

 

check

Multi-factor authentication (MFA)

 

uncheck

 

check

Premium support & SLAs

 

uncheck

 

check

SOC & AppSec integration

 

uncheck

 

check

MCP integration

 

uncheck

 

check

Tenant isolation & encryption at rest

 

uncheck

 

check

DefectDojo Features

Core finding import & deduplication

Free: 

check

Pro: 

check

Authentication (username, LDAP, SAML, OAuth)

Free: 

check

Pro: 

check

Role-based access control (RBAC)

Free: 

check

Pro: 

check

REST API & Swagger UI

Free: 

check

Pro: 

check

Manual import & reimport

Free: 

check

Pro: 

check

Basic dashboard & reporting

Free: 

check

Pro: 

check

Automation (Rules Engine)

Free: 

uncheck

Pro: 

check

Tunable deduplication

Free: 

uncheck

Pro: 

check

Background imports

Free: 

uncheck

Pro: 

check

CLI & integrations (Snyk, SonarQube, AWS, etc.)

Free: 

uncheck

Pro: 

check

Universal parser (CSV/JSON)

Free: 

uncheck

Pro: 

check

Customizable dashboards & dark mode

Free: 

uncheck

Pro: 

check

Cloud-hosted option

Free: 

uncheck

Pro: 

check

Multi-factor authentication (MFA)

Free: 

uncheck

Pro: 

check

Premium support & SLAs

Free: 

uncheck

Pro: 

check

SOC & AppSec integration

Free: 

uncheck

Pro: 

check

MCP integration

Free: 

uncheck

Pro: 

check

Tenant isolation & encryption at rest

Free: 

uncheck

Pro: 

check

Trusted by Top Organizations