♾️ Collection of DevSecOps Notes + Resources + Courses + Tools

Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

This repo contains a OWASP DefectDojo API Client based on Java.

DefectDojo API Terraform Provider

Go client library for accessing the DefectDojo API

Export the security debt of an application from DefectDojo

Docker Compose files with best practices for bind mounts, env...

DefectDojo API client in Go

Uploads reports to OWASP DefectDojo

An experimental ModelContextProtocol server connecting LLMs to DefectDojo for AI-powered security workflows. Enables natural language interaction with vulnerability data, simplifies security analysis, and automates reporting through a lightweight middleware integration.

This Action is majorly created for Pushing Multiple report file to defectdojo.

Cosca (Combo Scanner) is an Application Security automation tool that invokes third-party scanners and processes outputs in a one-liner command.

CLI wrapper for DefectDojo APIv2 (beta)

Public fork of: https://github.com/DefectDojo/django-DefectDojo

Tools for easier and better DefectDojo experience

Dependency Track integration to Defect Dojo

ReconVerse: Automated CMS-based web application vulnerability assessment pipeline using Common Crawl, WhatWeb, and various scanners, with results visualized in DefectDojo.

OWASP ASVS checklist for audits

DefectDojo PostgreSQL Backup and Restore