February Office Hours: Getting Started with DefectDojo

New to DefectDojo? Join this introductory webinar to learn how you can use DefectDojo to prioritize, deduplicate, and automate vulnerabilities, SOC alerts, and more. DefectDojo is an open‑source platform that automates vulnerability triage, prioritization, and vulnerability management for AppSec and SOC tools. 00:00 Welcome & What You’ll Learn: Getting Started with DefectDojo 00:48 Meet the Speaker: Matt Tesauro’s AppSec & OWASP Background 01:46 The Big Picture: Why Security Must Move at Assembly-Line Speed 02:47 The Pain Today: Excel, Manual Triage, and Tool Sprawl 03:26 The Solution: DefectDojo as Your Single Source of Truth 04:58 Central Hub Workflow: Normalize, De-dupe, Auto-Triage, Then Ship to Jira 05:59 Why DefectDojo (Not the Acronym): Automation-Friendly Vulnerability Management 08:27 Real-World Impact: Prioritization That Cuts 30,000 Findings Down to 80 10:50 Fits Any Maturity Level: From New AppSec Programs to PR-Gating Automation 11:49 Understanding the Dojo Data Model: Product Types, Products, Engagements & Findings 12:55 New Labels + Locations: Evolving the Model for Performance and Clarity 14:28 Open Source vs Pro: DIY Community Edition vs “You’re Just Done” 16:00 What’s New/Next: MCP + LLMs with Clean, Normalized Vulnerability Data 19:08 New Integrations & Asset Hierarchy: Better Destinations and Better Visibility 20:52 Smarter Prioritization: Custom Weights, Risk Buckets, and Asset-Specific Rules 22:45 Connectors + Universal Import/Parse: Automate Ingest from Vendor APIs & CI/CD 24:49 Coming Soon: Modernized UI for DefectDojo Community Edition 25:28 Wrap-Up: Automate the Drudgery, Report Holistically, and Scale to Millions 27:00 Q&A Invitation and Closing