DefectDojo
Application vulnerability management: ingest findings from scanners, dedupe, risk scoring, metrics, and Jira/CI hooks.
Why it is included
Central open hub for AppSec programs drowning in scanner output.
Best for
Engineering orgs normalizing SAST/DAST/container findings.
Strengths
- Importer breadth
- API
- Metrics
Limitations
- Needs process owners to drive remediation
Good alternatives
Dependency-Track · spreadsheets + scripts
Related tools (all listed under Security & Privacy)
- Semgrep: Static analysis engine matching AST patterns; rules for OWASP classes, secrets, and custom policies.
- Trivy: All-in-one scanner for container images, IaC, Kubernetes manifests, SBOMs, and VM OS packages with CI integrations.
- Dependency-Track: Continuous SBOM analysis platform tracking component vulnerabilities, policies, and audit trails for supply chain risk.
- Wazuh: Open security platform combining SIEM, XDR, file integrity monitoring, and compliance checks across endpoints and cloud.
- Greenbone Community Edition (OpenVAS): Full vulnerability management stack: OpenVAS scanner, Greenbone Vulnerability Manager, feeds, and web UI for scan management.
- CrowdSec: Collaborative intrusion prevention: parse logs, apply scenarios, share reputation (optional), and block via bouncers (firewall, nginx, Cloudflare).
