Introducing Dradis Echo

Now AI integration is available (and entirely optional!) for Dradis. With Dradis Echo, you can deploy your preferred LLM in Ollama – a framework that lets you run LLMs locally, no external connections at all necessary – to work with Dradis. Use it to summarize raw scanner output, rewrite tester notes into executive language, enhance remediation advice, and more!

Webhooks for Dradis Gateway

You can now use Webhooks to carry out actions based on events in Gateway. Contributor requests, remediation progress, and project completions can trigger automated actions across your security stack. For example, kick off an onboarding flow when a client submits a project through Gateway, post Slack updates on new events in Gateway projects, or sync your ticket status across Jira, Azure DevOps, or ServiceNow.

While only Gateway webhooks are supported in Dradis v4.19, we plan to support other types of events in the future!

IssueLibrary improvements

We have also launched a series of improvements to the IssueLibrary. You can now upload CSV files to the IssueLibrary to bulk-import your own set of custom issues. You can bulk-delete issues in the IssueLibrary view. And finally, now when you go to add an IssueLibrary entry to a project, you can see each entry’s QA status, so you don’t import an unreviewed work-in-progress by accident!

Release Notes

• Editor:
  • Add inline code and highlight code buttons to the toolbar
• Layout:
  • Improve primary action visibility for Evidence, Issues, Methodologies, Notes, and Node Properties
• Navigation:
  • Move Trash and Project Configurations in main navigation bar
• Contributors:
  • Add a dashboard with Gateway, Remediation Tracker, and Notification widgets
• Hera:
  • Improve primary action visibility and add view description
• Projects:
  • Add user select-all functionality in project creation
• Webhooks:
  • Add event-driven webhook implementation
• Upgraded gems:
  • faraday, rack, rails, uri
• Bugs fixes:
  • Editor:
    • Add disabled button styling
  • Datatables:
    • Ensure correct record ordering when applying sorting
  • Kits:
    • Restore the functionality of the ‘Add mappings from kit’ option
  • Notifications:
    • Remove the duplicate breadcrumb link shown in project notifications
  • Sidebar:
    • Prevent the toggle button from being covered by the scrollbar
• New integrations:
  • Webhooks:
    • react to server-side events in your other systems
• Integration enhancements:
  • Gateway:
    • Add activities tracking
    • Add event instrumentation for webhooks
• Issue Library:
  • Add bulk delete action for entries
  • Import entries to the library using a CSV file
  • Import published entries to projects when using QA

Not using Dradis Pro?

• Automated pentest reporting tool, the cybersecurity reports you’re used to, generated in a fraction of the time
• Combine the output from 20+ different tools into a single report.
• Deliver consistent results. Never forget any steps, always know what has been covered and what is still ahead.
• Pentesting collaboration: all information available across the team.