Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.
Inline Code Support
We already supported code blocks, but now, you can use @ symbols to create in-line code inside of your Dradis project:
Custom Tag Management
Previously, you could create custom tags by editing the XML of the project template directly. That’s still an option if you happen to enjoy dealing with XML. Otherwise, you can now use the UI for that whole process. There’s even a color picker so that you can get just the right shade for your custom tags.
From the project level, you can also manage your tags and create, edit, or delete them as needed:
Opt-in Usage Analytics
Prior to v4.7, we had no way to receive usage data from your instance other than a ping to our licensing server when you first activate the instance. In v4.7, we have rolled out optional usage analytics that you can share with us. Yes, optional!
For full transparency, you can see exactly what you would be sending to us in the event log. It’s all anonymized data like “someone exported a Word report” or “someone logged in as a contributor” that is designed to help us understand how teams are using Dradis and should not reveal anything sensitive, not even your email address.
Of course, you can always opt out of sharing this data with us if you prefer. We’re excited to have a bit more information about how you’re currently using Dradis so that we can make the product even better for everyone in the future.
- Configurations: Add usage tracking and sharing
- Content Blocks:
- Add auto-caching
- Add image upload button to source view toolbar
- Issues: Display the results from importers in a Datatable
- Rubocop CI:
- disable EnforcedShorthandSyntax rule under Style/HashSyntax cop
- Add breadcrumbs to Revision History view
- Add secondary sidebar toggling functionality
Recent Activitytabs and add
View Historylink to the dots menu
- Tags: Add tag management
- Remove support for TLSv1.0 and TLSv1.1
- Add support for TLSv1.3
- Integration enhancements:
- Burp: Add support for large base64 response
- Nessus: Clean up code tags in description fields
- Netsparker: Add issue.classification_owasp2021 as a new avaiable field
- JIRA: Fix configurations page requiring JIRA token
- Remediation Tracker
- Add a sidebar with a back link and info pane for contributors
- Hide ticket actions from other addons for contributors
- SAML: Fix assets on login for some providers
- Upgraded gems:
- nokogiri, rails, rails-html-sanitizer, sanitize, sinatra
- Bug fixes:
- Business Intelligence: Prevent tracking of discarded projects/teams in dashboard
- Issues: Prevent multiple action cable subscriptions when going back to the issues table
- Project: Pre-select the project template when project creation fails
- Methodologies: Ensure params are validated when moving list/card
- Issuelib: Avoid partial matches being found when importing tool output
- Reporting enhancements:
- Add support for inline code
- Ignore character properties inside Code paragraphs
- Use ‘DradisData’ as sheet name for embedded chars
- REST/JSON API enhancements:
- Author: Add author field for content blocks, notes, issues, and evidence
Not using Dradis Pro?
- Automated reports, generate the same reports your clients know and love in a fraction of the time.
- Combine the output from 19+ different tools (including Qualys, Metasploit, Burp…) into a single report.
- Deliver consistent results. Never forget any steps, always know what has been covered and what is still ahead.
- Everyone on the same page: all information available across the team.
- Dradis Pro is reliable, with over 10 years of history, and has a top-notch dedicated support team.