DefectDojo, a pioneer in scalable application security, announced a $7 million funding round to respond to demand and accelerate its mission of connecting security strategy with execution for smarter risk management. This latest funding round, led by Iolar Ventures and Aspenwood Ventures, will drive innovation, product development, and expansion.
With 38+ million downloads and integrations with over 180 security tools, DefectDojo is an essential platform for application security and vulnerability management, trusted by many users in companies of all sizes. Built for everyone in the security field, DefectDojo stands out as the only open-source solution in the Application Security Posture Management (ASPM) space. Plus, it offers a comprehensive approach to managing and improving an organization’s security posture by aggregating data from various security tools, automating workflows, and delivering actionable insights to ensure vulnerabilities are effectively identified, tracked, and mitigated across the entire organization.
DefectDojo provides security and DevSecOps teams with a unified command center, automating critical tasks like vulnerability triage, enrichment, noise reduction, SLA management, and risk acceptance. It tracks vulnerabilities across all stages, such as builds, releases, CICD, repositories, engagements, and endpoints, using advanced machine-learning algorithms that evolve to automatically consolidate duplicates, eliminate false positives, and identify vulnerability trends with the highest precision.
DefectDojo has introduced several enhancements to the Pro Edition that are now available to improve automation and deepen the insights it provides in connection with its plans to accelerate product development. And DefectDojo’s Pro Edition builds on the Community Edition by offering enterprise scalability, additional features, improved visualization, and premium support. The new features include:
1.) Enhanced automation – Capabilities to streamline AppSec workflows and reduce manual tasks
2.) Powerful new insights and analytics tools – Increased understanding of vulnerabilities and support data-driven security decisions through remediation, tool, and program insights
3.) Data enrichment – Providing more comprehensive vulnerability context with FIRST’s Exploit Prediction Scoring System, enhancing the quality of intelligence on threats and vulnerabilities
DefectDojo remains committed to open source roots, with plans to continue investing in the community-driven platform that has made it one of the most popular and fastest-growing open source security projects.
KEY QUOTES:
“This investment validates our commitment to transforming how organizations approach AppSec and Security at large. We first began our open source community over ten years ago to reduce the repetitive, mundane tasks that take away from security professionals’ ability to operate strategically and meet the needs of a rapidly evolving threat landscape. As we continue to develop our DevSecOps platform, security will be able to scale far beyond what is possible today to stay one step ahead of tomorrow’s bad actors.”
-Greg Anderson, Founder & CEO of DefectDojo
“DefectDojo’s expertise and the passionate community it has developed are fundamentally changing the way security is handled within organizations. We’ve seen many try to achieve this, but DefectDojo is the only company making this a reality and earning the trust of enterprises of all sizes. DefectDojo has a unique blend of open source innovation and enterprise-grade capabilities that not only bring the entire security toolset together, but enable seamless collaboration between development, security and leadership teams. We’re excited to support their vision of unlocking DevSecOps scalability for all.”
-Lars Leckie, Managing Director of Aspenwood Ventures