Try our new research platform with insights from 80,000+ expert users
DefectDojo Logo

DefectDojo Reviews

Vendor: DefectDojo
4.0 out of 5
Leave a review

What is DefectDojo?

DefectDojo is an open-source application vulnerability management tool designed for organizations aiming to enhance their security posture with a streamlined workflow for managing security findings.

Get the Vulnerability Management Buyer's Guide and find out what your peers are saying about DefectDojo, Wiz, Snyk and more!
DefectDojo is the #10 ranked solution in top DevSecOps solutions and #40 ranked solution in top Vulnerability Management solutions. PeerSpot users give DefectDojo an average rating of 8.0 out of 10. DefectDojo is most commonly compared to Wiz: DefectDojo vs Wiz. DefectDojo is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 15% of all views.
Buyer's Guide
Vulnerability Management
January 2026
Get the category report
Helped 879,711 peers since 2012

DefectDojo mindshare

Product category:
Vulnerability Management
As of January 2026, the mindshare of DefectDojo in the Vulnerability Management category stands at 0.9%, up from 0.4% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Vulnerability Management Market Share Distribution
ProductMarket Share (%)
DefectDojo0.9%
Wiz7.5%
Tenable Nessus5.2%
Other86.4%
Vulnerability Management
 
 
Key learnings from peers

Valuable Features

  • "With the pipeline of detection and DefectDojo, we are able to see the real vulnerabilities, and we fix them."

Room for Improvement

  • "We need something to notify the team responsible for a product when vulnerabilities are found."
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Vulnerability Management Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Comms Service Provider
12%
Manufacturing Company
7%
Government
7%
Retailer
7%
University
4%
Healthcare Company
4%
Insurance Company
3%
Construction Company
3%
Outsourcing Company
3%
Media Company
2%
Performing Arts
2%
Real Estate/Law Firm
2%
Transportation Company
2%
Pharma/Biotech Company
1%
Energy/Utilities Company
1%
Recreational Facilities/Services Company
1%
Educational Organization
1%
Engineering Company
1%
Training & Coaching Company
1%
Marketing Services Firm
1%
Logistics Company
1%
Wellness & Fitness Company
1%

Compare DefectDojo with alternative products

Go!

Learn more about DefectDojo

DefectDojo supports security teams by facilitating the tracking, managing, and mitigation of vulnerabilities. It centralizes security findings, integrates with different tools, and automates security metrics reporting. Its automation capabilities reduce manual effort, making it indispensable for teams handling large volumes of vulnerabilities. While highly functional, some user feedback suggests there’s room for improvement in documentation and user interface.

What are DefectDojo's most important features?
  • Integration Capability: Seamlessly integrates with numerous security assessment tools to consolidate security findings.
  • Automation: Automates repetitive tasks like report generation and metrics calculation to save time.
  • Scalability: Handles large datasets efficiently, suitable for complex IT environments.
  • Customizable: Offers customization options for workflows and settings to match specific requirements.
What benefits or ROI should users look for in reviews?
  • Improved Efficiency: Streamlined processes enhance team productivity and speed up vulnerability management.
  • Enhanced Security: Comprehensive tracking and reporting improve the security posture of organizations.
  • Cost-Effective: Open-source nature minimizes costs compared to proprietary solutions.
  • Time-Saving: Reduces manual input with automated features, allowing teams to focus on high-priority tasks.

DefectDojo is commonly adopted in industries prioritizing cybersecurity, such as finance, healthcare, and technology, where it is utilized to manage ongoing security assessments and track external threats. Its ability to integrate with specialized tools makes it suitable for environments requiring robust security measures.

Related questions

  • 54
How inadvisable is it to use a single vulnerability analysis tool?
  • 29
What are the benefits of continuous scanning for vulnerability management?
  • 30
When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
  • 22
What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
  • 224
What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
  • 100
Which is the best vulnerability scanner tool?
  • 64
What are your recommended automated penetration testing tools?
  • 67
How do you use the MITRE ATT&CK framework for improving enterprise security?
  • 35
Can you recommend API for Tenable Connector into ServiceNow
  • 21
What penetration testing tool (or tools) do you recommend for SMB/SME?

Product Categories

Product Categories
Vulnerability Management
DevSecOps

Popular Comparisons

Popular Comparisons
Wiz vs DefectDojo Logo
Wiz vs DefectDojo
Snyk vs DefectDojo Logo
Snyk vs DefectDojo
Microsoft Defender for Cloud vs DefectDojo Logo
Microsoft Defender for Cloud vs DefectDojo
GitLab vs DefectDojo Logo
GitLab vs DefectDojo
Tenable Security Center vs DefectDojo Logo
Tenable Security Center vs DefectDojo
Tenable Vulnerability Management vs DefectDojo Logo
Tenable Vulnerability Management vs DefectDojo
Microsoft Defender Vulnerability Management vs DefectDojo Logo
Microsoft Defender Vulnerability Management vs DefectDojo
FortiCNAPP vs DefectDojo Logo
FortiCNAPP vs DefectDojo
Qualys CyberSecurity Asset Management vs DefectDojo Logo
Qualys CyberSecurity Asset Management vs DefectDojo
Wiz Code vs DefectDojo Logo
Wiz Code vs DefectDojo
Nucleus vs DefectDojo Logo
Nucleus vs DefectDojo
ArmorCode vs DefectDojo Logo
ArmorCode vs DefectDojo
Faraday vs DefectDojo Logo
Faraday vs DefectDojo
Kondukto vs DefectDojo Logo
Kondukto vs DefectDojo
See all alternatives
 
DefectDojo Reviews Summary
Author infoRatingReview Summary
Integration and Solution Architect at a government with 501-1,000 employees4.0DefectDojo serves as our Central Vulnerability Management, consolidating reports from various tools and facilitating easy data sharing across teams. While it efficiently tracks vulnerabilities cost-free, its notification system needs improvement for better team alerts when issues arise.