☑️ New User Checklist

Here’s a quick reference you can use to ensure successful implementation, from a blank canvas to a fully functional app.

The essence of DefectDojo is to import security data, organize it, and present it to the folks who need to know. Here are ways to achieve those things in DefectDojo Pro and Open-Source:

DefectDojo Pro

  1. Start by importing a file using the UI. This is generally the quickest way to see how your data fits into the DefectDojo model.

  2. Now that you have data in DefectDojo, learn more about how to organize it with the Product Hierarchy Overview. The Product Hierarchy creates a working inventory of your apps, which helps you divide your data into logical categories, apply access control rules, sort Findings by Priority and Risk, or segment your reports for the correct team.

  3. Check out your Metrics pages, which can be used to quickly share Finding reports with key stakeholders.

DefectDojo Open-Source

  1. Open-Source users can start by creating their first Product Type and Product. Once those are created, they can import a file to one of those Products using the UI.

  2. Now that you have data in DefectDojo, consider expanding your Product layout (see the Product Hierarchy Overview). The Product Hierarchy creates a working inventory of your apps, which helps you divide your data up into logical categories. These categories can be used to apply access control rules, or to segment your reports for the correct team.

  3. Use the Report Builder to summarize the data you’ve imported. Reports can be used to quickly share Findings with stakeholders such as Product Owners.

This is the essence of DefectDojo - import security data, organize it, and present it to the folks who need to know.

All of these features can be automated, and because DefectDojo can handle over 200 tools (at time of writing), you should be all set to create a functional security inventory of your entire organizational output.

Pro Features

  • If your organization uses ServiceNow, Azure DevOps, GitHub or GitLab for issue tracking, check out our documentation on those integrations.
  • Customize your main Dashboard with filtered tiles to view your environment at a glance.
  • Learn how to rapidly import data and mirror your team’s existing security environment with Connectors.

Open-Source Features

  • Does your organization use Jira? Learn how to use our Jira integration to create Jira tickets from the data you ingest.
  • Are you expecting to share DefectDojo with many users in your organization? Check out our guides to user management and set up role-based access control (RBAC).
  • Ready to dive into automation? Learn how to use the DefectDojo API to automatically import new data, and build a robust CI/CD pipeline.