AI Agent Skill HUB

building-vulnerability-dashboard-with-defectdojo

Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.

16 stars
byplurigrid
View on GitHubInstallation ↓

Best use case

building-vulnerability-dashboard-with-defectdojo is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.

Teams using building-vulnerability-dashboard-with-defectdojo should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/building-vulnerability-dashboard-with-defectdojo/SKILL.md --create-dirs "https://raw.githubusercontent.com/plurigrid/asi/main/plugins/asi/skills/building-vulnerability-dashboard-with-defectdojo/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/building-vulnerability-dashboard-with-defectdojo/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How building-vulnerability-dashboard-with-defectdojo Compares

Feature / Agentbuilding-vulnerability-dashboard-with-defectdojoStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Building Vulnerability Dashboard with DefectDojo

## Overview

DefectDojo is an open-source application vulnerability management platform that aggregates findings from 200+ security tools, deduplicates results, tracks remediation progress, and provides executive dashboards. It serves as a central hub for vulnerability management, integrating with CI/CD pipelines, Jira for ticketing, and Slack for notifications. DefectDojo supports OWASP-based categorization and provides REST API for automation.


## When to Use

- When deploying or configuring building vulnerability dashboard with defectdojo capabilities in your environment
- When establishing security controls aligned to compliance requirements
- When building or improving security architecture for this domain
- When conducting security assessments that require this implementation

## Prerequisites

- Docker and Docker Compose
- 4GB+ RAM, 2+ CPU cores, 20GB+ disk
- PostgreSQL 12+ (included in Docker deployment)
- Python 3.9+ for API integration scripts
- Jira instance (optional, for ticket integration)

## Deployment

### Docker Compose Deployment
```bash
# Clone DefectDojo repository
git clone https://github.com/DefectDojo/django-DefectDojo.git
cd django-DefectDojo

# Start with Docker Compose (production mode)
./dc-up-d.sh

# Alternative: manual Docker Compose
docker compose up -d

# Check service status
docker compose ps

# View initial admin credentials
docker compose logs initializer 2>&1 | grep "Admin password"

# Access DefectDojo at http://localhost:8080
```

### Environment Configuration
```bash
# Key environment variables in docker-compose.yml
DD_DATABASE_ENGINE=django.db.backends.postgresql
DD_DATABASE_HOST=postgres
DD_DATABASE_PORT=5432
DD_DATABASE_NAME=defectdojo
DD_DATABASE_USER=defectdojo
DD_DATABASE_PASSWORD=<secure_password>
DD_ALLOWED_HOSTS=*
DD_SECRET_KEY=<random_64_char_key>
DD_CREDENTIAL_AES_256_KEY=<random_128_bit_key>
DD_SOCIAL_AUTH_GOOGLE_OAUTH2_ENABLED=True
```

## Organizational Structure

### Hierarchy
```
Product Type (Business Unit)
  └── Product (Application/Service)
       └── Engagement (Assessment/Sprint)
            └── Test (Scanner Run)
                 └── Finding (Individual Vulnerability)
```

### Setup via API
```python
import requests

DD_URL = "http://localhost:8080/api/v2"
API_KEY = "your_api_key_here"
HEADERS = {"Authorization": f"Token {API_KEY}", "Content-Type": "application/json"}

# Create Product Type
resp = requests.post(f"{DD_URL}/product_types/", headers=HEADERS, json={
    "name": "Web Applications",
    "description": "Customer-facing web application portfolio"
})
product_type_id = resp.json()["id"]

# Create Product
resp = requests.post(f"{DD_URL}/products/", headers=HEADERS, json={
    "name": "Customer Portal",
    "description": "Main customer-facing web application",
    "prod_type": product_type_id,
    "sla_configuration": 1,
})
product_id = resp.json()["id"]

# Create Engagement
resp = requests.post(f"{DD_URL}/engagements/", headers=HEADERS, json={
    "name": "Q1 2024 Security Assessment",
    "product": product_id,
    "target_start": "2024-01-01",
    "target_end": "2024-03-31",
    "engagement_type": "CI/CD",
    "status": "In Progress",
})
engagement_id = resp.json()["id"]
```

## Scanner Integration

### Import Scan Results via API
```bash
# Upload Nessus scan results
curl -X POST "${DD_URL}/reimport-scan/" \
  -H "Authorization: Token ${API_KEY}" \
  -F "scan_type=Nessus Scan" \
  -F "file=@nessus_report.csv" \
  -F "product_name=Customer Portal" \
  -F "engagement_name=Q1 2024 Security Assessment" \
  -F "auto_create_context=true" \
  -F "deduplication_on_engagement=true"

# Upload OWASP ZAP results
curl -X POST "${DD_URL}/reimport-scan/" \
  -H "Authorization: Token ${API_KEY}" \
  -F "scan_type=ZAP Scan" \
  -F "file=@zap_report.xml" \
  -F "product_name=Customer Portal" \
  -F "engagement_name=Q1 2024 Security Assessment" \
  -F "auto_create_context=true"

# Upload Trivy container scan
curl -X POST "${DD_URL}/reimport-scan/" \
  -H "Authorization: Token ${API_KEY}" \
  -F "scan_type=Trivy Scan" \
  -F "file=@trivy_results.json" \
  -F "product_name=Customer Portal" \
  -F "engagement_name=Q1 2024 Security Assessment" \
  -F "auto_create_context=true"
```

### Supported Scanner Types (Partial List)
| Scanner | Type String | Format |
|---------|------------|--------|
| Nessus | Nessus Scan | CSV/XML |
| OpenVAS | OpenVAS CSV | CSV |
| Qualys | Qualys Scan | XML |
| OWASP ZAP | ZAP Scan | XML/JSON |
| Burp Suite | Burp XML | XML |
| Trivy | Trivy Scan | JSON |
| Semgrep | Semgrep JSON Report | JSON |
| Snyk | Snyk Scan | JSON |
| SonarQube | SonarQube Scan | JSON |
| Checkov | Checkov Scan | JSON |

### CI/CD Integration (GitHub Actions)
```yaml
# .github/workflows/security-scan.yml
name: Security Scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Semgrep
        run: |
          pip install semgrep
          semgrep --config auto --json -o semgrep_results.json .
      - name: Upload to DefectDojo
        run: |
          curl -X POST "${{ secrets.DD_URL }}/api/v2/reimport-scan/" \
            -H "Authorization: Token ${{ secrets.DD_API_KEY }}" \
            -F "scan_type=Semgrep JSON Report" \
            -F "file=@semgrep_results.json" \
            -F "product_name=${{ github.event.repository.name }}" \
            -F "engagement_name=CI/CD" \
            -F "auto_create_context=true"
```

## Jira Integration

```python
# Configure Jira integration in DefectDojo settings
jira_config = {
    "url": "https://company.atlassian.net",
    "username": "jira-bot@company.com",
    "password": "jira_api_token",
    "default_issue_type": "Bug",
    "critical_mapping_severity": "Blocker",
    "high_mapping_severity": "Critical",
    "medium_mapping_severity": "Major",
    "low_mapping_severity": "Minor",
    "finding_text": "**Vulnerability**: {{ finding.title }}\n**Severity**: {{ finding.severity }}\n**CVE**: {{ finding.cve }}\n**Description**: {{ finding.description }}",
    "accepted_mapping_resolution": "Done",
    "close_status_key": 6,
}
```

## Metrics and Dashboards

### Key Metrics API Queries
```python
# Get finding counts by severity
resp = requests.get(f"{DD_URL}/findings/?limit=0&active=true",
                    headers=HEADERS)
findings = resp.json()

# Get SLA breach counts
resp = requests.get(f"{DD_URL}/findings/?limit=0&active=true&sla_breached=true",
                    headers=HEADERS)

# Get product-level metrics
resp = requests.get(f"{DD_URL}/products/{product_id}/",
                    headers=HEADERS)
product_data = resp.json()
```

## References

- [DefectDojo GitHub](https://github.com/DefectDojo/django-DefectDojo)
- [DefectDojo Documentation](https://defectdojo.github.io/django-DefectDojo/)
- [DefectDojo REST API](https://defectdojo.github.io/django-DefectDojo/integrations/api-v2-docs/)
- [OWASP DefectDojo Project](https://owasp.org/www-project-defectdojo/)
- [DefectDojo Integrations](https://defectdojo.com/integrations)

Related Skills

testing-api-for-mass-assignment-vulnerability

16
from plurigrid/asi

Tests APIs for mass assignment (auto-binding) vulnerabilities where clients can modify object properties they should not have access to by including additional parameters in API requests. The tester identifies writable endpoints, adds undocumented fields to request bodies (role, isAdmin, price, balance), and checks if the server binds these to the data model without filtering. Part of OWASP API3:2023 Broken Object Property Level Authorization. Activates for requests involving mass assignment testing, parameter binding abuse, auto-binding vulnerability, or API over-posting.

substrate-vulnerability-scanner

16
from plurigrid/asi

Scans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when auditing Substrate runtimes or FRAME pallets. (project, gitignored)

performing-web-application-vulnerability-triage

16
from plurigrid/asi

Triage web application vulnerability findings from DAST/SAST scanners using OWASP risk rating methodology to separate true positives from false positives and prioritize remediation.

performing-vulnerability-scanning-with-nessus

16
from plurigrid/asi

Performs authenticated and unauthenticated vulnerability scanning using Tenable Nessus to identify known vulnerabilities, misconfigurations, default credentials, and missing patches across network infrastructure, servers, and applications. The scanner correlates findings with CVE databases and CVSS scores to produce prioritized remediation guidance. Activates for requests involving vulnerability scanning, Nessus assessment, patch compliance checking, or automated vulnerability detection.

performing-ssrf-vulnerability-exploitation

16
from plurigrid/asi

Test for Server-Side Request Forgery vulnerabilities by probing cloud metadata endpoints, internal network services, and protocol handlers through user-controllable URL parameters. Tests AWS/GCP/Azure metadata APIs (169.254.169.254), internal port scanning via HTTP, URL scheme bypass techniques, and DNS rebinding detection.

performing-ot-vulnerability-scanning-safely

16
from plurigrid/asi

Perform vulnerability scanning in OT/ICS environments safely using passive monitoring, native protocol queries, and carefully controlled active scanning with Tenable OT Security to identify vulnerabilities without disrupting industrial processes or crashing legacy controllers.

performing-ot-vulnerability-assessment-with-claroty

16
from plurigrid/asi

This skill covers performing vulnerability assessments in OT environments using the Claroty xDome platform for comprehensive asset discovery, risk scoring, vulnerability correlation, and remediation prioritization. It addresses passive vulnerability identification through traffic analysis, active safe querying of OT devices, integration with CVE databases and ICS-CERT advisories, and risk-based prioritization that accounts for operational impact and compensating controls.

performing-endpoint-vulnerability-remediation

16
from plurigrid/asi

Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches, applying configuration changes, and validating fixes. Use when remediating findings from vulnerability scans, responding to critical CVE advisories, or maintaining endpoint compliance with patch management SLAs. Activates for requests involving vulnerability remediation, CVE patching, endpoint vulnerability management, or security fix deployment.

performing-authenticated-vulnerability-scan

16
from plurigrid/asi

Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and perform deep inspection of installed software, patches, configurations, and security sett

performing-agentless-vulnerability-scanning

16
from plurigrid/asi

Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.

performing-active-directory-vulnerability-assessment

16
from plurigrid/asi

Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.

implementing-vulnerability-sla-breach-alerting

16
from plurigrid/asi

Build automated alerting for vulnerability remediation SLA breaches with severity-based timelines, escalation workflows, and compliance reporting dashboards.