AUSTIN, Texas–(BUSINESS WIRE)–DefectDojo, the pioneer in scalable application security, today announced a $7 million funding round to respond to demand and accelerate its mission of connecting security strategy with execution for smarter risk management. Its latest round of funding, led by Iolar Ventures and Aspenwood Ventures, will fuel innovation, product development and market expansion.
With over 38 million downloads and integrations with more than 180 security tools, DefectDojo is a vital platform for application security and vulnerability management—trusted by a wide range of users from Fortune 10 companies and international banks to government agencies, startups, and solo consultants. Designed for everyone in the security field, DefectDojo stands out as the only open-source solution in the Application Security Posture Management (ASPM) space. It offers a comprehensive approach to managing and improving an organization’s security posture by aggregating data from various security tools, automating workflows, and delivering actionable insights to ensure vulnerabilities are effectively identified, tracked, and mitigated across the entire organization.
DefectDojo offers security and DevSecOps teams a unified command center, automating critical tasks such as vulnerability triage, enrichment, noise reduction, SLA management, and risk acceptance. It tracks vulnerabilities across all stages—builds, releases, CICD, repositories, engagements and endpoints—using advanced machine-learning algorithms that evolve to automatically consolidate duplicates, eliminate false positives, and identify vulnerability trends with the highest precision.
“This investment validates our commitment to transforming how organizations approach AppSec and Security at large,” said Greg Anderson, Founder & CEO of DefectDojo. “We first began our open source community over ten years ago to reduce the repetitive, mundane tasks that take away from security professionals’ ability to operate strategically and meet the needs of a rapidly evolving threat landscape. As we continue to develop our DevSecOps platform, security will be able to scale far beyond what is possible today to stay one step ahead of tomorrow’s bad actors.”
In conjunction with its plans to accelerate product development, DefectDojo has introduced several enhancements to the Pro Edition that are now available to improve automation and deepen the insights it provides. DefectDojo’s Pro Edition builds on the Community Edition by offering enterprise scalability, additional features, improved visualization and premium support. New features include:
- Enhanced automation – Capabilities to streamline AppSec workflows and reduce manual tasks
- Powerful new insights and analytics tools – Increased understanding of vulnerabilities and support data-driven security decisions through remediation, tool, and program insights
- Data enrichment – Providing more comprehensive vulnerability context with FIRST’s Exploit Prediction Scoring System, enhancing the quality of intelligence on threats and vulnerabilities
DefectDojo remains committed to its open source roots, with plans to continue investing in the community-driven platform that has made it one of the most popular and fastest-growing open source security projects.
“DefectDojo’s expertise and the passionate community it has developed are fundamentally changing the way security is handled within organizations,” said Lars Leckie, Managing Director of Aspenwood Ventures. “We’ve seen many try to achieve this, but DefectDojo is the only company making this a reality and earning the trust of enterprises of all sizes. DefectDojo has a unique blend of open source innovation and enterprise-grade capabilities that not only bring the entire security toolset together, but enable seamless collaboration between development, security and leadership teams. We’re excited to support their vision of unlocking DevSecOps scalability for all.”
DefectDojo will showcase the new Pro Edition capabilities at OWASP Global AppSec US Conference in San Francisco from September 23-27 at the Hyatt Regency San Francisco.
About DefectDojo
DefectDojo is the engine that drives DevSecOps, providing an open, scalable platform that connects security strategy to execution. By aggregating data from over 180 security tools, automating manual processes, and delivering AI-powered insights, DefectDojo empowers organizations to have a unified view of security posture and compliance, automate operations to increase productivity and improve decision-making. For more information, visit defectdojo.com
