Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.
Formatting text is even easier now with the editor toolbar. The toolbar makes it simple to enter and format text in an issue, evidence, notes, comments, and methodologies without needing to use Textile markup. The live preview updates with your formatting changes as you work.
Manually create issues and evidence using the form view, rather than using Textile field names and details. Name the form field and add in details for each item and the live preview updates as you work on the side.
If your project has a predefined template, using that template will create those form fields ready to populate.
Prefer to work with Textile? The source view is still available so you have the best of both worlds.
In order to make the most of the available screen space, some item options – including edit, delete, and subscribe – have been moved to a single “dots” menu. The dots menu is located to the top right of the item and includes the actions available for that item.
Cards in methodologies no longer require a due date. This is helpful for cards that are templates or hold information that doesn’t need to be locked to a specific date.
If a card has moved from one list to another, the original card link will redirect you to the card at its current location. Previously the link to the card would be broken, leaving you to hunt around until you found it (or didn’t and gave up looking).
Making it easier to find the board you are looking for, you can click on a methodology in the project dashboard or the board name in the activity feed to go to that board.
- Add author to evidence and notes views
- Add dynamic columns, sorting and filtering to Projects list
- Add team name link to project navbar
- Adjust Uploads layout to provide more visibility to the output console
- Allow renaming and deleting boards through their dots menu
- Avoid browser pre-populating password fields when editing users
- Card improvements:
- Not require a mandatory due date
- Redirect to new url if the card has changed lists
- Show board name and link in the Activity Feed
- Card, Evidence, Issue, and Note form data will not be lost even if the form is not saved
- Clear the form when the “Cancel” link is clicked
- Remove prompt to restore data and instead persist and restore any changes seamlessly
- Add Textile markup
- Not lose changes even if the comment is not saved
- Update comments feed to show author’s name instead of email
- Display note and evidence titles in breadcrumbs
- Display the Dots-menu in all views
- Editor improvements:
- Formatting toolbar to help with markup
- New form-view to edit each field individually
- Side-by-side editor preview that auto-updates
- Generate consistent URLs in emails
- Increase the size of output console
- Let Admins be added or removed after a project is created
- Link to Methodology from project summary chart
- Move resource action links to dots-menu in breadcrumbs
- Persist the state of the navigation sidebar in projects while navigating across different views
- Remove tag color from issue titles in issue summary
- Update code element style
- Use shared noscript partial
- Use user model reference for activities instead of user email
- Upgraded gems: puma, rack, rails, sass-rails
- Bugs fixed:
- Allow Authors to set project permissions on project creation again
- Fix Board partial broken structure
- Fix ItemsTable extra whitespace causing unnecessary vertical scrolling
- Fix Long items_table dropdown menus not scrollable
- Fix Long project names interfering with search bar expansion
- Fix breadcrumbs in cards under node boards
- Fix textile preview not showing on issues with very long text
- Prevent repetitive prompt when images are pasted after navigating multiple views.
- Prevent report ‘Download’ button becoming a disabled ‘Processing…’ button once clicked
- Render Textile preview of issues with very long text
- Render avatars in the activity feed
- Set :author when creating Evidence from an Issue
- Show active state of Sidebar items properly
- Bug tracker items: #560, #634
- Integration enhancements:
- Issue Library: sortable columns
- Nexpose: better cipher wrapping coverage
- Nikto: support new nested format
- Reporting enhancements:
- Custom Properties are now updated on document open
- HTML reports now use main app’s markup rendering
- Security Fixes:
- Medium: Authenticated persistent comments cross-site scripting
- Low: Authenticated (admin) persistent methodology template cross-site scripting
Not using Dradis Pro on your team?
- Automated reports, generate the same reports your clients know and love in a fraction of the time.
- Combine the output from 19+ different tools (including Qualys, Metasploit, Burp…) into a single report.
- Deliver consistent results. Never forget any steps, always know what has been covered and what is still ahead.
- Everyone on the same page: all information available across the team.
- Dradis Pro is reliable, with over 10 years of history, and has a top-notch dedicated support team.