Why does Security Roots exist?

Since 2007, we've worked to reduce the overhead associated with security engagements

We come from a background in security consulting: a 30+ project a year, 85% utilization background.

We've suffered the pains of having to deal with all the overhead involved in delivering short-lived engagements: exchanging dozens of emails to keep track of tasks, writing the same issue descriptions again and again for the report...

There had to be a better way.

Security specialists thrive when attacking (or defending) systems. Everything else (e.g. reporting, project planing, etc.) is overhead.

A centralized vulnerability database, a way for the team to share information, an automated reporting tool — these systems are a must for every security group that wants to stay competitive (or be cost-effective).

We do software. No security testing. No distractions. No outside investors.

We can help you in a few ways:

  • Collaborate efficiently and share information.
  • Be consistent across engagements, don't forget anything, avoid surprises.
  • No headaches. Our solutions work out-of-the-box, no installation needed — deploy on-prem or to your cloud environment.
  • Great support. Your pain is our pain. We're here to help every step of the way and to give you piece of mind.

Our Mission

We help information security teams focus on making systems more secure by reducing the overhead of managing and discussing the outcome of the security assessments they perform for their clients (whether these are inside their organisation or outside of it).

What We Believe

We are here for the humans. At the end of the day, the work done in infosec is for and about humans. And as messy as humans are, that can make this work frustratingly complicated. Sure, scanning tools and blinking boxes can handle some of it - but pulling everything together requires a human. We are here to make it simpler for you to be human by getting the time sucks out of your way.

Infosec is a team sport. Just like information systems are interconnected, so are the different folks involved in securing them. Sharing clear information and thinking creatively together is often critical to solving the problem at hand, so let's do more of that well.

Customers + Vision = Roadmap. We don't have an official roadmap, but that's not to say we don't have plans. We've got big ideas on how this industry will continue to evolve and how we can best serve you and your customers. That's why we reach out to our customers and invite your feedback.

It's your data. You keep it. Whatever data you put in Dradis, including your app usage, is yours and we like it that way. We respect your privacy and that of your customers like we value our own. We trust that you will let us know how we can improve and make a better product.

Meet the Team

We are a fully remote and distrubuted team of humble, friendly, and talented people who genuinely care about our craft and serving the information security industry.

Daniel's picture

Daniel Martin


Daniel created and open-sourced the Dradis Framework in 2007 - to do what he does best: help others work better by providing back-end tools that automate the boring parts.


Rachael's picture

Rachael Carder

Help & Support

From Word reports to bug reports, Rachael is here to help you figure out what's going wrong and how to fix it.


Aaron's picture

Aaron Manaloto


Aaron is a developer with a burning passion for computing. He makes sure that Dradis is the best tool for the job by contributing to its development and keeping it functionally sound.

Christoffer's picture

Christoffer Pedersen

Help & Support

Christoffer is here to help you with all of your support questions, to make sure that your reporting is how you want it and that Dradis is running as it should.

Matt's picture

Matt Budz

Product Design

Matt is a designer with a creative edge. He creates user-friendly, beautiful and responsive layouts that flow freely, allowing users to navigate easily and find what they need quickly and efficiently.


Sean's picture

Sean Yeoh


Sean enjoys building software that creates positive impact on people's lives. He is here to make Dradis a better product than it was yesterday.

Marlene's picture

Marlene Reeders


Marlene loves connecting with teams around the world to help them do more of the work they're passionate about and less of the busywork that keeps them from it.

Who are our users?

We work with over four hundred teams around the world.

Many are security consultancies, but there are a number of software and hardware vendors, internal security teams and a good share of freelancers.

To list a few, we have clients in the following countries:

Hong KongHong Kong
United Arab EmiratesUnited Arab Emirates
Saudi ArabiaSaudi Arabia
South AfricaSouth Africa

At a glance

  • Security Roots is a small, independent software vendor, established in 2010.
  • Self-funded, no investors, no distractions. 100% focused on our users.
  • Dradis is named after the remote sensing system in the ships of the Battlestar Galactica TV series ‐ watch video.

The Dradis Community

The Dradis Framework started as an open-source project in 2007. The open source side of things is alive and strong, with ~400 git clones per week.

Our tools are used by 1000s of InfoSec experts every day, and have been included in several Linux security distributions like BlackArch, Kali, Parrot and Pentoo.

Are our solutions for you?

If you feel the pain of repeating the same tasks again and again. If you think that there should be an easier way to automate most of the overhead and deliver a consistent result, then yes, you're not alone.

Lets work together to make your life a bit easier.

Dradis Professional Edition

Dradis Community Edition

Satisfaction Guarantee

We can put you in contact with clients in your industry or country so you can have an unfiltered conversation on how satisfied with our work they are.

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.