This connects Claude to your DefectDojo instance for full lifecycle vulnerability management. You get 24 tools covering products, engagements, tests, findings, and scan imports. Ships with token-based RBAC (four roles from reader to admin), HMAC-chained audit logs, and SIEM forwarding over syslog or HTTPS. Useful when you want LLM-assisted triage, bulk finding updates, or natural language queries against your vuln pipeline without writing DefectDojo API scripts. Requires dual API keys for read/write separation, enforces TLS by default, and includes per-token rate limiting on mutations. Network transports require persistent HMAC keys and authentication or they refuse to start.
claude mcp add --transport stdio inspicere-mcp-defectdojo uvx mcp-defectdojo