The DefectDojo MCP server provides a bridge to the DefectDojo vulnerability management system, enabling AI assistants to interact with security findings, products, and engagements. Developed by jamiesonio, this implementation offers tools for retrieving, searching, and updating vulnerability data through an asynchronous HTTP client that handles authentication and error handling. The server exposes specialized functions for managing security findings (including status updates and note addition), listing products, and handling engagement lifecycle operations. Built with Python 3.12 and the FastMCP framework, it is particularly valuable for security teams who want to integrate vulnerability management workflows into their AI assistant interactions.
Retrieve findings, filtering by product_name, status, and severity, with pagination parameters such as limit and offset.
Search findings using a text query, with additional filtering and pagination options.
Change the status of a specific finding, with parameters such as finding_id and the new status (e.g., Active, Verified, False Positive).
Add a textual note to a finding using parameters finding_id and the note content.
Create a new finding associated with a test, requiring parameters like title, test_id, severity, description, and cwe.
List products with optional filtering by name and pagination parameters.
List engagements with filtering options for product_id, status, and name along with pagination.
Get details for a specific engagement by its ID using engagement_id as a parameter.
Create a new engagement for a product, requiring parameters like product_id, name, target_start, target_end, and status.
Modify details of an existing engagement with parameters including engagement_id, new status, and description.
Mark an engagement as completed by providing the engagement_id.