Відео

It’s a new year and that means it’s another year for advancements in AI. With the hype and adoption of AI ever increasing, security teams are presented with a whole new frontier to protect with an unprecedented attack surface and very different attack vectors compared to traditional AppSec. Learn More at defectdojo.com/ Follow us on Social - linkedin.com/company/defectdojo/ - github.com/DefectDojo

Matt Tesauro explains how DefectDojo's generic importer allows importing findings from third-party pen tests and other tools that don't have a dedicated parser. Customers can specify in contracts that pen test findings be provided in CSV or JSON format for easy import into DefectDojo. Learn More at defectdojo.com/ Follow us on Social - linkedin.com/company/defectdojo/ - github.com/DefectDojo

Matt Tesauro explains that deduplication in DefectDojo can be done at the product level, crossing engagements, or at the engagement level, only crossing tests. The choice depends on how products are laid out in the system. Learn More at defectdojo.com/ Follow us on Social - linkedin.com/company/defectdojo/ - github.com/DefectDojo

According to IDC, 73% of IT teams use between 21-80 tools to thoroughly test and evaluate enterprise software for security. However, tool vendors frequently change the formats of these tools, breaking integrations and significantly slowing operations. Without the findings from these tools, teams could potentially miss major vulnerabilities and leave avenues of attack open for bad actors to expl...

Learn more about DefectDojo Pro and how it can help streamline your vulnerability management Learn More at defectdojo.com/ Follow us on Social - linkedin.com/company/defectdojo/ - github.com/DefectDojo

You’re tasked with ‘doing DevSecOps’ for your company and you’ve got more apps and issues than you know how to deal with. How do you make sense of the different tools' outputs for all your different apps? DefectDojo is an open source platform that can be your single source of truth by aggregating, distilling, and automating your AppSec and DevSecOps tools. DefectDojo was created by DevSecOps pe...

Learn more about some of the differences between Open Source DefectDojo and DefectDojo Pro Learn More at defectdojo.com/ Follow us on Social - linkedin.com/company/defectdojo/ - github.com/DefectDojo

Happy 2025! To kick off the new year we’re excited that our January Office Hours is all about DefectDojo Pro’s early access launch of Rules Engine. With this release, it’ll be easier than ever to perform actions to DefectDojo data and not have to update via manual user actions or API calls. Join us to see the Rules Engine in action and ask any questions to our team! In this DefectDojo Office Ho...

Learn the power of deduplication to help manage vulnerabilities and reduce risk at our March office hours session, hosted by DefectDojo CEO and founder, Greg Anderson. What is Office Hours? One hour. A little education. A lot of you. We'll share a brief overview of our deduplication capabilities. Then it's your turn to ask Greg all your DefectDojo questions. In this session you will: -Learn how...

Organizations continue to struggle to scale security and manage risk in an efficient manner. DefectDojo and Pixee have joined forces to enable companies to maximize resources while dramatically improving their risk posture. For the first time, enterprises can aggregate findings and complete remediation in a fully automated manner. Greg Anderson and Surag Patel will host this illuminating hour t...

ASPM seems to be everywhere these days. Has AppSec pivoted into a brave new world or is this just a new “acro-Gartner-nym” that we now have to deal with? What does ASPM look like from someone who’s AppSec career started before AppSec was a job description? This talk looks at what the market says about ASPM and fires it in the crucible of experience to see what is left when the heat is gone. Gai...

For AppSec and security teams, one of the biggest challenges is prioritizing and uncovering real security issues. Many teams are hampered by inefficient processes, an overwhelming amount of data, and potentially unreliable security testing results. By prioritizing higher quality results, security teams can work to preemptively mitigate risks and work collaboratively with their engineering teams...

Learn tips-and-tricks to using Defect Dojo to transform disparate security haystacks into actionable data and insights. In this month’s Office Hours, we’ll explore: -Leveraging Defect Dojo dashboards to promote security activities from individual contributors to executives -Using Defect Dojo RBAC and custom reports to highlight actionable information -Tips for comprehensive data input and categ...

Organizations continue to struggle to scale security and manage risk in an efficient manner. DefectDojo was created over 10 years ago to help security pros do more with less lift and improve their outcomes. DefectDojo Pro was created to provide support, deliver enterprise-grade reporting and metrics, and streamline vulnerability management. Matt Tesauro, DefectDojo Founder and CTO, will host th...

June Office Hours: Metrics 2.0

July Office Hours: Understanding Import and Re-Import

The Life of the Modern CISO

October Office Hours: AMA with Matt Tesauro