No more typing reviews! Try our Samantha, our new voice AI agent.
DefectDojo Logo

DefectDojo Reviews

Vendor: DefectDojo
4.0 out of 5
Leave a review

What is DefectDojo?

DefectDojo is an open-source application vulnerability management tool designed for organizations aiming to enhance their security posture with a streamlined workflow for managing security findings.

Get the Vulnerability Management Buyer's Guide and find out what your peers are saying about DefectDojo, Wiz, Snyk and more!
DefectDojo is the #11 ranked solution in top DevSecOps solutions and #44 ranked solution in top Vulnerability Management solutions. PeerSpot users give DefectDojo an average rating of 8.0 out of 10. DefectDojo is most commonly compared to Wiz: DefectDojo vs Wiz. DefectDojo is popular among the large enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 13% of all views.
Buyer's Guide
Vulnerability Management
April 2026
Get the category report
Helped 886,011 peers since 2012

DefectDojo mindshare

Product category:
Vulnerability Management
As of April 2026, the mindshare of DefectDojo in the Vulnerability Management category stands at 0.9%, up from 0.5% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
DefectDojo0.9%
Wiz5.5%
Qualys VMDR4.4%
Other89.2%
Vulnerability Management
 
 
Key learnings from peers

Valuable Features

  • "With the pipeline of detection and DefectDojo, we are able to see the real vulnerabilities, and we fix them."

Room for Improvement

  • "We need something to notify the team responsible for a product when vulnerabilities are found."
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Vulnerability Management Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Comms Service Provider
13%
Financial Services Firm
11%
Computer Software Company
11%
Construction Company
8%
Manufacturing Company
8%
Outsourcing Company
6%
Government
6%
Retailer
6%
University
5%
Healthcare Company
4%
Insurance Company
2%
Transportation Company
2%
Performing Arts
2%
Media Company
2%
Real Estate/Law Firm
2%
Training & Coaching Company
1%
Recreational Facilities/Services Company
1%
Engineering Company
1%
Pharma/Biotech Company
1%
Educational Organization
1%
Religious Institution
1%
Wholesaler/Distributor
1%
Energy/Utilities Company
1%
Marketing Services Firm
1%
Wellness & Fitness Company
1%
Logistics Company
1%

Compare DefectDojo with alternative products

Go!

Learn more about DefectDojo

DefectDojo supports security teams by facilitating the tracking, managing, and mitigation of vulnerabilities. It centralizes security findings, integrates with different tools, and automates security metrics reporting. Its automation capabilities reduce manual effort, making it indispensable for teams handling large volumes of vulnerabilities. While highly functional, some user feedback suggests there’s room for improvement in documentation and user interface.

What are DefectDojo's most important features?
  • Integration Capability: Seamlessly integrates with numerous security assessment tools to consolidate security findings.
  • Automation: Automates repetitive tasks like report generation and metrics calculation to save time.
  • Scalability: Handles large datasets efficiently, suitable for complex IT environments.
  • Customizable: Offers customization options for workflows and settings to match specific requirements.
What benefits or ROI should users look for in reviews?
  • Improved Efficiency: Streamlined processes enhance team productivity and speed up vulnerability management.
  • Enhanced Security: Comprehensive tracking and reporting improve the security posture of organizations.
  • Cost-Effective: Open-source nature minimizes costs compared to proprietary solutions.
  • Time-Saving: Reduces manual input with automated features, allowing teams to focus on high-priority tasks.

DefectDojo is commonly adopted in industries prioritizing cybersecurity, such as finance, healthcare, and technology, where it is utilized to manage ongoing security assessments and track external threats. Its ability to integrate with specialized tools makes it suitable for environments requiring robust security measures.

Related questions

  • 131
How inadvisable is it to use a single vulnerability analysis tool?
  • 90
What are the benefits of continuous scanning for vulnerability management?
  • 98
When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
  • 90
What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
  • 281
What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
  • 162
Which is the best vulnerability scanner tool?
  • 130
What are your recommended automated penetration testing tools?
  • 134
How do you use the MITRE ATT&CK framework for improving enterprise security?
  • 93
Can you recommend API for Tenable Connector into ServiceNow
  • 77
What penetration testing tool (or tools) do you recommend for SMB/SME?

Product Categories

Product Categories
Vulnerability Management
DevSecOps

Popular Comparisons

Popular Comparisons
Wiz vs DefectDojo Logo
Wiz vs DefectDojo
Snyk vs DefectDojo Logo
Snyk vs DefectDojo
Microsoft Defender for Cloud vs DefectDojo Logo
Microsoft Defender for Cloud vs DefectDojo
GitLab vs DefectDojo Logo
GitLab vs DefectDojo
Tenable Nessus vs DefectDojo Logo
Tenable Nessus vs DefectDojo
JFrog Xray vs DefectDojo Logo
JFrog Xray vs DefectDojo
Tenable Security Center vs DefectDojo Logo
Tenable Security Center vs DefectDojo
Tenable Vulnerability Management vs DefectDojo Logo
Tenable Vulnerability Management vs DefectDojo
FortiCNAPP vs DefectDojo Logo
FortiCNAPP vs DefectDojo
Qualys CyberSecurity Asset Management vs DefectDojo Logo
Qualys CyberSecurity Asset Management vs DefectDojo
Microsoft Defender Vulnerability Management vs DefectDojo Logo
Microsoft Defender Vulnerability Management vs DefectDojo
Aikido Security vs DefectDojo Logo
Aikido Security vs DefectDojo
Wiz Code vs DefectDojo Logo
Wiz Code vs DefectDojo
Nucleus Security vs DefectDojo Logo
Nucleus Security vs DefectDojo
ArmorCode vs DefectDojo Logo
ArmorCode vs DefectDojo
See all alternatives
 
DefectDojo Reviews Summary
Author infoRatingReview Summary
Integration and Solution Architect at a government with 501-1,000 employees4.0DefectDojo serves as our Central Vulnerability Management, consolidating reports from various tools and facilitating easy data sharing across teams. While it efficiently tracks vulnerabilities cost-free, its notification system needs improvement for better team alerts when issues arise.