Announcing DefectDojo Integration
Table of Contents
Announcing DefectDojo Integration with vet allowing users to export OSS dependency scan results to DefectDojo. Continue leveraging DefectDojo for your vulnerability management needs while using vet for identifying vulnerable and malicious open source packages, staying safe and compliant.
TL;DR
Use vet to identify vulnerable and malicious open source packages in your project and export the scan results to DefectDojo for vulnerability management.
Usage
Learn more about the integration at DefectDojo Integration Guide
Support
- Report bugs and feature requests to GitHub issues
- Start feature discussions at GitHub discussions
- defectdojo
- integration
- malware
- software-composition-analysis
- sca
Author
SafeDep Team
safedep.io
Share
The Latest from SafeDep blogs
Follow for the latest updates and insights on open source security & engineering
Curious Case of Embedded Executable in a Newly Introduced Transitive Dependency
A routine dependency upgrade introduced a suspicious transitive dependency with an embedded executable. While manual analysis confirmed it wasn't malicious, this incident highlights the implicit...
Contributing to SafeDep Open Source Projects during Hacktoberfest 2025
Learn how to contribute to SafeDep open source projects during Hacktoberfest 2025 and help secure the open source software supply chain.
Malicious npm Packages Impersonating Hyatt Internal Dependencies
Three malicious npm packages disguised as Hyatt internal dependencies were discovered using install hooks to execute malicious payloads. All packages share identical attack patterns and...
Ship Code. Not Malware. SafeDep Launches GitHub App for Malicious Package Protection
SafeDep launches a GitHub App for zero-configuration protection against malicious open source packages. Instantly scan pull requests and keep your code repositories safe from supply chain attacks.
Ship Code
Not Malware
Install the SafeDep GitHub App to keep malicious packages out of your repos.
Install GitHub App