Highlights:

  • DefectDojo supports more than 180 security tools, offering the flexibility to switch between preferred security solutions as required.
  • DefectDojo also unveiled new enhancements to its Pro Edition, aimed at enhancing automation and delivering deeper insights.

Recently, a scalable application security company, DefectDojo Inc., raised USD 7 million in new funding to support innovation, product development, and market expansion.

Established in 2015 and built on an open-source project of the same name, DefectDojo provides a security automation and vulnerability management platform aimed at assisting organizations in managing security findings from various tools. This platform allows businesses to track vulnerabilities, prioritize them, and automate workflows to improve the efficiency of security testing.

The company’s platform provides security and DevSecOps teams with a centralized command center that automates essential tasks like vulnerability triage, enrichment, noise reduction, service level agreement management, and risk acceptance. It monitors vulnerabilities throughout all phases—including builds, releases, continuous integration/continuous delivery, repositories, engagements, and endpoints—utilizing machine learning algorithms to consolidate duplicates, eliminate false positives, and uncover vulnerability trends.

DefectDojo integrates with over 180 security tools, allowing users the flexibility to switch between their preferred security solutions as necessary while offering real-time insights and analytics to enhance security within a resilient DevSecOps framework. Its adaptable data model further facilitates continuous feedback and optimization.

Drawing from its open-source origins, the company emphasizes its strong commitment to open-source software, noting that the open-source version of DefectDojo has emerged as a popular and rapidly growing security project on GitHub.

“We first began our open source community over 10 years ago to reduce the repetitive, mundane tasks that take away from security professionals’ ability to operate strategically and meet the needs of a rapidly evolving threat landscape. As we continue to develop our DevSecOps platform, security will be able to scale far beyond what is possible today to stay one step ahead of tomorrow’s bad actors,” said Greg Anderson, Founder and Chief Executive.

Iolar Ventures and Aspenwood Ventures LP led the Series A funding round.

Alongside the funding announcement, DefectDojo revealed new enhancements to its Pro Edition aimed at boosting automation and delivering deeper insights. The updated Pro Edition now features enterprise scalability, enhanced visualization, and premium support, building upon the foundation of the company’s Community Edition.

The new features include improved automation to streamline AppSec workflows, robust insights tools to facilitate data-driven security decisions, and data enrichment that integrates the Exploit Prediction Scoring System for enhanced context regarding threats and vulnerabilities.