Austin, TX and San Francisco, CA, June 05, 2024 – DefectDojo, the company that powers DevSecOps, and Pixee, the automated product security engineer, are integrating their products to enable organizations to realize the potential of DevSecOps with scalable, accurate, automated vulnerability management and auto-remediation.

Organizations continue to struggle to scale security and manage risk in an efficient manner. DefectDojo and Pixee are leading the charge to cover the full spectrum of DevSecOps. For the first time, companies can aggregate findings from a vast array of tools, over 170, combined with automated remediation.

With this first-of-its-kind integration between DefectDojo’s ASPM platform and Pixee’s AI-enabled auto-remediation platform, enterprises can benefit from:

• Intelligent prioritization and auto-remediation based on accurate findings, exploitability, and hardened code
• Unified risk management for faster risk elimination without added resources, improved reporting, simplified compliance
• Scalability for greater AppSec efficiency powered by automation with no additional staff, yielding more time for strategic projects

“High quality security results are the first step for successful, scalable DevSecOps initiatives,” said Greg Anderson, co-founder and CEO, DefectDojo. “Now, we can pair DefectDojo’s accurate, deduplicated findings with Pixee’s automated remediation platform for another layer of efficiency and improved risk reduction.”

“It’s exciting to experience the future when we connect DefectDojo and Pixee. For the first time, DevSecOps programs can focus on driving outcomes around remediation and mean-time-to-remediation (MTTR). With the prioritized and unified backlog provided through DefectDojo and Pixee’s ability to auto-remediate findings, we now have the closest system to an autonomous DevSecOps program,” said Surag Patel, co-founder and CEO of Pixee.

Integration Features

DefectDojo pioneered automation in vulnerability management. Scalable to millions of findings, able to ingest data from hundreds of the most popular application and infrastructure scanners, and integrated with Jira to help developers get results faster, DefectDojo is advancing risk management at global enterprises.

Pixee is leading the innovation in automated remediation, capitalizing on the power of determinism with purposefully used AI to automate the developer work of rewriting code.

The integration builds on the advanced features of both products to provide an intelligent solution that saves security teams time and money to deliver on the promise of DevSecOps.

Intelligent Prioritization and Remediation

• Produce accurate findings with less toil and targeted remediation.
• Strengthen prioritization. Attack issues by importance to your organization
• Accelerate SDLC output. Harden code. Eliminate bugs automatically.
• Unified risk management

Unified Risk Management

• Deliver strategic, board-ready reporting with verified accurate results.
• Manage risk faster. Attain MTTR reduction without additional developer and security team hours.
• Improve compliance with a 360 degree view of risk posture.

Scalability/Greater AppSec Efficiency

• Create a self-service AppSec program powered by automation.
• Repurpose AppSec talent for strategic projects.
• Increase output without adding people.

Pricing and Availability

The DefectDojo-Pixee integration is available today. DefectDojo is available as an open source project and a fully supported commercial version with additional enterprise features. Pixeebot is available for free or with enterprise features in a commercial license. Code rewriting foundation, Codemodder is an open source project.

About DefectDojo

DefectDojo is the company and the product that powers DevSecOps. Our open platform transforms security information management, connecting security strategy and informed execution for intelligent risk management. Security and DevSecOps teams can aggregate, automate, and integrate data from more than 170 security tools for a unified view of security posture and compliance, streamlined workflows, and improved decision-making. DefectDojo was created by security pros for security pros. To learn more, visit defectdojo.com.

About Pixee

Pixee builds innovative solutions that help developers produce higher quality and secure code with new tools that integrate directly into their native workflow. Its first product, Pixeebot, acts as an expert security developer on the team that is constantly reviewing and automatically hardening the codebase. Pixee is backed by Decibel Partners and Wing Venture Capital, and is trusted by tens of thousands of developers daily. Learn more at www.pixee.ai