Explore a comprehensive overview of DefectDojo, an open-source vulnerability management tool, in this 37-minute LASCON conference talk. Discover how this innovative solution, born from one security engineer's initiative in 2013, aims to simplify and streamline the often tedious process of vulnerability management. Learn about DefectDojo's key features, including templating, report generation, metrics, and baseline self-service tools, and understand how it has been successfully implemented in multiple large enterprises. Gain insights into the tool's development history, product maturity, Docker integration, and its ultimate goal of making vulnerability management more efficient. Delve into topics such as stand-alone versus Docker deployment, common themes in vulnerability management, supported product types and scanners, upcoming features, and the Python Django framework used for development. Understand how DefectDojo can be run on AWS, manage open findings, and utilize various importer options. Explore the ability to update directly from the user interface and see how this tool can potentially revolutionize your approach to vulnerability management. Read more