# DefectDojo

[DefectDojo](https://www.defectdojo.org/) is a security tool that automates application security vulnerability management. DefectDojo streamlines the application security testing process by offering features such as importing third party security findings, merging and de-duping, integration with Jira, templating, report generation and security metrics.

DefectDojo supports Meterian security findings in the JSON format. Generate one by adding the following parameter to the Meterian client: `--report-json=/tmp/report.json`

Once generated, reports can be imported as **Engagements** Findings to any of your **Products**: from the Product overview menu click on **Findings** and select "Import Scan Results" 

![](https://3502151236-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M-naNCUtT6Gw1tfDjRR%2F-Mcytgek4oeoVwYJe1fX%2F-Mcyzkqiq89tqRp9_FGY%2Fimage.png?alt=media\&token=af79d9de-b0de-492c-8125-8ff5fb1f056b)

Or alternatively for existing **Engagements,** from the **Tests** tab menu select "Import Scan Results"

![](https://3502151236-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M-naNCUtT6Gw1tfDjRR%2F-Mcytgek4oeoVwYJe1fX%2F-Mcz0hs_gTb0boi0cNnk%2Fimage.png?alt=media\&token=c375c1b2-953b-4ecf-ad04-ba4a0ccb85ae)

Furthermore, imports could also happen through the dedicated [DefectDojo APIs](https://defectdojo.github.io/django-DefectDojo/integrations/api-v2-docs/). We provide a [convenience script](https://raw.githubusercontent.com/MeterianHQ/django-DefectDojo/meterian-ci/api-sample-calls/ad-hoc-import.py) for automating the import process which is a direct implementation of these APIs and can be integrated as part of you CI/CD pipeline. Read on for a usage guide.