The DefectDojo MCP server provides a bridge to the DefectDojo vulnerability management system, enabling AI assistants to interact with security findings, products, and engagements. Developed by jamiesonio, this implementation offers tools for retrieving, searching, and updating vulnerability data through an asynchronous HTTP client that handles authentication and error management. The server exposes specialized functions for managing security findings (including status updates and note addition), listing products, and handling engagement lifecycle operations. Built with Python 3.12 and the FastMCP framework, it is particularly valuable for security teams who want to integrate vulnerability management workflows into their AI assistant interactions.
Retrieve findings with filtering options such as product_name, status, and severity, along with pagination parameters like limit and offset.
Search findings using a text query, with filtering and pagination options available.
Change the status of a specific finding (e.g., Active, Verified, False Positive) by providing the finding ID and new status.
Add a textual note to a finding by specifying the finding ID and the note content.
Create a new finding associated with a test by providing details such as title, test_id, severity, description, and cwe.
List products with filtering options (name, prod_type) and pagination parameters.
List engagements with filtering options (product_id, status, name) and pagination parameters.
Get details for a specific engagement by its ID.
Create a new engagement for a product by providing the product ID, name, target start and end dates, and initial status.
Modify details of an existing engagement by specifying the engagement ID, new status, and description.
Mark an engagement as completed by providing the engagement ID.