Using methodologies

This page contains:

A testing methodology is a great way to ensure consistency across all your projects. In a nutshell, methodologies are checklists of tasks you need to perform at some point during the test.

The specific tasks will depend on the engagement type. You can have methodologies for infrastructure, web application, code reviews, etc.

Or you can head over to the Extras section of the Users Portal, to download some of the methodologies we provide.

Adding a methodology to the project

Click on Methodologies in the sidebar, and then on Create new methodology...:

Select Blank methodology to create a new, blank methodology or select From template and choose from the dropdown of existing methodology templates on your instance. one you're interested in, and give it a name. Click Add to project and you are all set!

For more information on how to add methodology templates to your instance, check out the methodology templates page of the Administration guide.

Adding a new methodology to the project

Click Create new methodology..., select Blank methodology, then give it a Name before clicking Add methodology.

Adding a new List

Your methodology can contain multiple lists. These can be task categories (e.g. External, Internal, Webapp, etc.), task status (e.g. Next, In Progress, Ready for Review, Completed), or labeled however makes the most sense for your team and workflow.

Add lists to your Methodology by clicking Add a list... and giving the new List a Name before clicking Add list.

Adding a new Task

These are the heart of your methodology. Each Task represents a check, an action, or a step that you need to complete.

To add a new Task, find the List you want to add your Task to, then click Add a task... at the bottom of that List.

Each Task allows you to set a Name, a Due Date, Description, and Assignees.

Create fields in your Description using the + Add field button in the Fields view, or the normal #[Field]# syntax in the Source view. You can even use the Methodology content control to export just the fields that you need from the Task Description into your reports.

Assign this task to any of the Users who have access to the project.

Moving a Task

To move a Task from one list to another, just drag and drop!

Deleting and recovering

Open up a Task, click Delete, and confirm that you want to delete the task.

Use the Trash feature to recover your deleted Tasks. If the List the Task was previously on no longer exists, the restored Task will be added to a new Recovered List in your Methodology.

Tracking progress

Once you add a methodology to the project, the Methodology progress widget in the project summary page comes alive:

This is a progress meter that shows you how many Tasks are in each List of your Methodology and gives you an idea of how far along you are towards completing all the steps in your methodology.

Adding a methodology to a node

You can also add methodologies to individual nodes. To do so, browse to the node where you want to add the methodology, click the Methodology tab, then click Add methodology.

A node-level methodology works the same way as a project-level methodology, except that it will not be displayed under Methodology progress on the project summary page.

Create a Methodology template

Because methodology templates are a system-wide feature (you create a template and it becomes available to all Dradis users), you need Administrator privileges to create a template.

If you are an administrator head over to the Administration manual to learn how to create methodology templates.

If you don't have administration privileges, ask an admin to convert your existing methodology / checklist into a template so you can be more efficient in the future.

Next help article: Project templates →

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.