| title | Index | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| date | 2021-02-02 20:46:29 +0100 | ||||||||||||||||
| draft | false | ||||||||||||||||
| type | docs | ||||||||||||||||
| cascade |
|
||||||||||||||||
| exclude_search | true |
DefectDojo can parse data from 200+ security reports and counting.
DefectDojo Pro users have enhanced methods of import available for certain tools.
Connectors allow you to automatically import and sync vulnerabilities from certain tools.
Smart Upload allows you to split infrastructure-wide scan files up by component or endpoint, and easily combine those results with other Findings from the same location.
| Connectors: supported tools | Smart Upload: supported tools |
|---|---|
| AWS Security Hub, BurpSuite, Checkmarx ONE, Dependency-Track, Probely, Semgrep, SonarQube, Snyk, Tenable | Nexpose, NMap, OpenVas, Qualys, Tenable, Wiz |
All of these listed reports can be ingested via Import/Reimport methods. This means that they can be imported to both Open-Source and Pro instances using the UI or API.
If your tool is not in this list, there's a good chance that DefectDojo can still import a report from the tool. Consider the Generic Findings Import method.
DefectDojo Pro users can import any JSON or CSV report using the Universal Parser.