Integrating Acunetix 360 with DefectDojo

DefectDojo is an open-source application security vulnerability management tool that streamlines the application security testing process. It offers features such as importing third-party security findings, merging, report generation, and security metrics.

You can integrate Acunetix 360 with DefectDojo to send issue(s) to the issue tracking system.

This topic explains how to integrate Acunetix 360 with DefectDojo and configure Acunetix 360 to send a detected vulnerability to DefectDojo.

For further information, see What Systems Does Acunetix 360 Integrate With?.

DefectDojo Fields

This table lists and explains the DefectDojo fields in the New DefectDojo Integration window.

Button/Section/Field

Description

Name

This is the name of the configuration that will be shown in menus.

Mandatory

This section contains fields that must be completed.

Server URL

This is the DefectDojo instance URL.

Access Token

This is the Access Token for authentication.

Engagement ID

This is the project identifier of the issue.

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains optional fields.

Labels

This is the issue's label.

How to Integrate Acunetix 360 with DefectDojo
  1. Log in to Acunetix 360.
  2. From the main menu, go to  Integrations > New Integration > DefectDojo.
  3. In the Name field, enter a name for the integration.
  4. In the Mandatory section, complete the connection details:
  • Server URL
  • Access Token
  • Engagement Id
  • Title Format        
  1. In the Optional section, add tags if required.
  2. Select Save.

Tips

You can select Test Credentials to confirm that Acunetix 360 can connect to the configured system.


How to Export Reported Vulnerabilities to Projects in DefectDojo

Information

Please ensure that you have first configured DefectDojo integration (see How to Integrate Acunetix 360 with DefectDojo).


Once notifications have been configured, you can configure Acunetix 360 to automatically send vulnerabilities after scanning has been completed. For further information, see
How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System.


 
« Back to the Acunetix Support Page