Dradis Framework is a collaboration and reporting tool for information security teams to manage and deliver the results of security assessments, in less time and with less frustration than manual methods.

Per-Tool Permissions

Before Dradis Pro v3.8.0, Admins had access to everything and Authors had access to a subset of features. Now, you can give specific Author users permission to use the tools they need. And, you can give them just the level of access that they need.

Each Author can be given access to specific projects. And, for tools like the IssueLibrary, the Rules Engine, or premium tools like the Remediation Tracker, Authors can be given action-based permissions. Do you only want Author #1 to be able to Read IssueLibrary entries but not create, update, or destroy them? You can do that! Do you want Author #2 to have full control over the Rules Engine? You can do that too!

AffectedCount and AffectedList controls

We’ve had the Affected content control for a long time. The Affected control exports a de-duplicated list of comma-separated Nodes for a specific Issue. But, what about if you needed each de-duplicated Node on a new line or in a bullet list? Or, what if you need to count the number of affected Nodes for your Issue?

We’ve rolled out 2 new content controls: AffectedList and AffectedCount. As you can see in the before/after example below, the AffectedList will export the same data as the old Affected content control, just in a list format. And, the AffectedCount will output the number of unique Nodes that the Issue is associated with.

Do you need help updating your report template to use these new content controls? Email our support team and we’d be happy to help!

Project List table

We’ve also updated the Projects page to help you find that one Project you’re looking for. Your most recent projects will appear at the top of the screen as always. But, at the bottom, there’s now a sortable and filterable table. Click the column headings to sort the table by that field. Click the 2 columns dropdown to display different fields. And, type in a keyword to filter the table and display a subset of Projects.

Release Notes

• Add all activity view
• Give dynamic columns, sorting and filtering to project list table
• New Per-Tool Permissions
  • Premier the new project permission panel for testers
  • Introduce permission management for Issue Library, Rules Engine, and Remediation Tracker
• Remove inconsistent content blocks breadcrumb
• Render markup inside table columns
• Update top navigation link styles and collapsed menu
• Upgraded gems: rack, sanitize, sassc
• Bugs fixed:
  • Comments:
  • Removes the edit link while editing
  • Fixes lingering comment borders after deleting comments
  • Resolves broken OVA and DUP upgrades on VM’s running in ESXi
  • Prevent icon overlap of long headers in secondary sidebar
  • Fixes overflow of long unbroken table cell text
  • Prevent text overflow on to select areas
  • Word report generation no longer errors with extra document properties
• Integration enhancements:
  • IssueLib: markup rendered in columns
• Reporting enhancements:
  • Excel: add Tag column
  • Word
    • New AffectedCount content control
    • New AffectedList content control (one host per line)
    • Update exported tables to have 100% width by default

Not using Dradis Pro on your team?

• Automated reports, generate the same reports your clients know and love in a fraction of the time.
• Combine the output from 19+ different tools (including Qualys, Metasploit, Burp…) into a single report.
• Deliver consistent results. Never forget any steps, always know what has been covered and what is still ahead.
• Everyone on the same page: all information available across the team.
• Dradis Pro is reliable, with over 10 years of history, and has a top-notch dedicated support team.