Dradis Professional Edition is a collaboration and reporting tool for information security teams that will help you deliver the results of security assessments, in a fraction of the time without the time-wasting frustration of creating manual reports.

What’s new in Dradis Pro v3.2

Here is Rachael with a quick video summary of what’s new in this release:

Integrated CVSSv3 Calculator

Quickly generate a CVSSv3 Risk score for an individual issue directly in Dradis. The CVSSv3 score calculator is now included as a tab on each issue for handy access. Edit the values on the calculator to populate the issue’s CVSSv3 details, including a valid vector string, with no need to copy and paste!

IssueLibrary ships with Dradis Pro⛵

Ever wish that the IssueLibrary wasn’t a separate installation and upgrade process from Dradis Pro? Wish no more! IssueLibrary is now bundled with Dradis Pro.

If you haven’t been using IssueLibrary, now is your pain-free opportunity to give it a spin. Cultivate a collection of your finest vulnerability descriptions to reuse across your Dradis Pro projects.

Already have vulnerability descriptions in another format outside of Dradis? Reach out to our support team and they can set you up to easily migrate them into IssueLibrary.

Upgrading from an earlier version of the IssueLibrary?
You must first remove IssueLibrary before applying the DUP by deleting the IssueLibrary line from /opt/dradispro/dradispro/current/Gemfile.plugins.

IssueLibrary API endpoints

The IssueLibrary is the newest API endpoint to be added to Dradis Pro. Use this new endpoint to create, update, retrieve and delete IssueLibrary entries. Check out the IssueLibrary API guide for examples to get started.

Ready to upgrade to v3.2?

Release Notes

• Use ajax in comments
• Fix nodes sidebar header margin
• Add bold font to improve bold text visibilit
• Fix links display in Textile fields
• Fix redirection destinations after edit/delete evidence
• Refactor cache keys in pages with comments
• Disable turbolinks cache when displaying flash messages
• Sort attachments in alphabetical ASCII order
• Fix methodology checklist edit error
• Add contributors and contributors management
• Add IssueLibrary to the main app – no manual upgrades!
• Fix export error caused by whitespace between newlines
• Fix auto-linking export error for non-latin characters, dashes, and parenthesis
• Fix multiple permissions added to a project when created via API
• Add default tags to new project templates
• Fix the bug that caused project to disappear when an author updates a project
• Add seeds for the rules engine
• Fix user count in teams list
• Add contributor management view hooks for the Teams and Users pages
• Allow deletion of teams with users
• Show project Custom Properties in Business Intelligence – Trend Analysis
• Fix XSS vulnerability when uploading svg attachments
• Fix XSS vulnerability when evidence were sent to Trash
• REST/JSON API:
  • New endpoint: IssueLibrary entries
• Add-on enhancements:
  • CVSS calculator: embed CVSSv3 calculator in Issue page
  • Acunetix: Resolve create_node errors that appeared with URLs wo/ “http”
  • Burp: Make `issue.detail` available at the Evidence level
  • Netsparker: Change alphabetical lists to bullet lists

Not using Dradis Pro on your team?

These are some of the benefits you are missing out on:

• Automated reports, generate the same reports your clients know and love in a fraction of the time.
• Combine the output from 19+ different tools (including Qualys, Metasploit, Burp…) into a single report.
• Deliver consistent results. Never forget any steps, always know what has been covered and what is still ahead.
• Everyone on the same page: all information available across the team.
• Dradis Pro is reliable, up-to-date and with comes with a top-notch dedicated support team.

Read more about Dradis Pro’s time-saving features or what our users are saying.