DefectDojo MCP Server

Example Use Cases

• 1

  Search and filter vulnerability findings (by product, status, severity, or free-text query) to triage and prioritize issues.

• 2

  Create or update findings and add investigation notes programmatically as part of automated scanning or remediation workflows.

• 3

  List, create, update, and close engagements and list products to orchestrate scans and track assessment progress.

Description

This project implements a Model Context Protocol (MCP) server for DefectDojo, exposing tools to fetch, search, create, and update findings as well as list and manage products and engagements. It enables AI agents and other MCP clients to automate vulnerability management tasks by calling simple tool endpoints (e.g., get_findings, create_finding, update_engagement). The server is designed to be run locally or via uvx and is configured with a DefectDojo API token and base URL, allowing seamless integration into agent workflows.

Capabilities(11 total)