Lead Image © Aleksey Mnogosmyslov, 123RF.com

Lead Image © Aleksey Mnogosmyslov, 123RF.com

DevSecOps with DefectDojo

The Early Bird

Article from ADMIN 80/2024
The DefectDojo vulnerability management tool helps development teams and admins identify, track, and fix vulnerabilities early in the software development process.

DevOps has been an integral part of software development in most organizations for years. The term encompasses various practices and tools and a kind of cultural philosophy that are intended to help automate and interlink processes between the development department and IT teams. From DevOps mechanisms, a further development has emerged in recent years: DevSecOps, DevOps plus security. In more detail, it means that security needs to play a role in every phase of the software development process: from the initial design through integration, testing, and deployment to delivery.

The principle of moving tasks – security in this case – forward as far you can in a process chain is also known as the shift-left approach. In terms of containers, shift left means taking security aspects into account as early as the container construction stage. This approach makes sense; after all, fixing incidents in production environments often involves massive amounts of money, and discovering errors at the outset of the development process is typically far less costly. Many tools have become established on the market in the shift-left and DevSecOps environment in recent years. DefectDojo [1] is one of these tools, and it is free.


DefectDojo was originally developed by Rackspace but is now open source. The community is working hard on the further development of the software, with more than 350 contributors and more than 2,500 GitHub Stars. New features are released quite frequently; according to the GitHub page, an update is made approximately every two weeks. The tool integrates with a wide range of existing security tools, including security scanners, issue trackers, and reporting tools and displays their information in a centralized and easy-to-understand way.

A special feature is its ability to automate the process of running

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=