Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Instance Notifications

All notifications now display at the instance level so you don’t have to open each project to see notifications. These Dradis instance-wide notifications include notifications from updates in Remediation Tracker tickets too.

Accessibility Improvements

Dradis font and element contrast are adjusted to meet Level AA WCAG 2.0 standards. Also, screen reader and alt-text are added and a few broken Aria references and missing labels are fixed. All of these improvements make Dradis easier for everyone to use.

Emojis 🥳

We 💖 love emojis on the Security Roots team and use them all the time working together. 😤 It was frustrating that we couldn’t use them in Dradis, so we added them 🎉! Now you can use emojis in any input field of Dradis to express yourself or within projects details for additional context. 😎

ServiceNow Integration

Create a ServiceNow Vulnerable Item from a Dradis Issue in a few clicks. The new ServiceNow integration allows the owner of the system to receive critical finding details so they can handle remediation outside of Dradis.

Release Notes

• Add avatar and user’s name to project navbar
• Comments:
  • Load feed asynchronously
• Configuration Kits
• Emojis! Update the database collation to allow emojis
• Improve accessibility:
  • Add alt text to any linked images
  • Add screen reader only text to forms
  • Adjustments to font and element contrast to meet at minimum Level AA WCAG 2.0 standards
  • Fix any broken Aria references
  • Update element label association & add missing labels
• Mintcreek notifications:
  • Add notifications dropdown in mintcreek navbar
  • Add project and plugin notifications in the view
  • Authors and contributors will now be notified when assigned a project
• Replace deprecated font-awesome-sass gem with vendor asset files
• Rule Engine: include rule name in upload console
• Subscriptions:
  • Load feed asynchronously
• Truncate long hostnames when viewing evidence in an issue
• Upgraded gems:
  • Rails
• Bugs fixed:
  • Fix attachments base64 encoding for filenames with symbols
  • Placeholder gravatars appear if gravatar is not available
  • SMTP file will take configuration precedence again
  • Update the HelpScout beacon in the instance admin
• Integration enhancements:
  • Remediation Tracker:
    • Add activity and comment feed
    • Users can now be subscribed to tickets
• Reporting enhancements:
  • Fix exporting formatting in content controls without Crazy Triangles
  • Fix exporting captions with non-alpha characters
  • Fix URLs breaking textile table formatting

Not using Dradis Pro on your team?

• Automated reports, generate the same reports your clients know and love in a fraction of the time.
• Combine the output from 19+ different tools (including Qualys, Metasploit, Burp…) into a single report.
• Deliver consistent results. Never forget any steps, always know what has been covered and what is still ahead.
• Everyone on the same page: all information available across the team.
• Dradis Pro is reliable, with over 10 years of history, and has a top-notch dedicated support team.