We’re heading to Singapore for Black Hat Asia 2025, and we’ll be showing off the latest in streamlined reporting and collaboration at our Dradis Arsenal demo. We’re excited to be part of the Black Hat Arsenal, demoing how Dradis helps security teams collaborate and report more effectively.
Catch us here:
🧪 Dradis @ Black Hat Arsenal
Business Hall – Arsenal Station 3
📅 April 3, 10:05am-11:20am
Learn how our most recent updates—which include in-app quality assurance workflows, easier deployment with Docker, and AI-driven enhancements—allow for the creation of reports faster and with greater quality.
When we’re not presenting, we’ll be diving into the briefings, trainings, and executive summits across AI, exploit development, cloud, and physical infrastructure. Here’s what we’re most excited about.
Hello, good looking.
We’ve introduced a new project theme for Dradis. Tylium* is more than sprucing up the design with sleek lines and modern styles. It incorporates thoughtful details to improve your workflow and provides us greater flexibility to address your UI feedback moving forward.
This is a big visual change, but you won’t have to hunt for the Dradis items you rely on since they haven’t gone too far from the previous theme, Snowcrash. We’ve minimized the impact on your day-to-day use of Dradis by keeping the feel and flow of the app familiar.
Tylium optimizes your workspace, keeping the purpose of each view in mind. It adds space where you need more real estate for updating findings and resizes or rearranges elements when you need to see the big picture. An example of this can be seen with the collapsible sidebar that adds roughly 20% more space and keeps all sections of the app quickly accessible, even adding a dashboard link to the project summary.
As always, we’re eager to hear what you think. If you have feedback on Tylium drop a comment here, send it via email, or share it in Slack.
*It is SOP at Security Roots that we honor our nerdoms where we can. Snowcrash, the previous theme, is a nod to Neal Stephenson’s cyberpunk novel of the same name. Our love of Battlestar Galactica continues on with the new theme, paying homage to the powerful fuel source used in the series – Tylium.
Report Generation Errors
Everyone knows that validating your report before generating it will save you a headache tracking down problems with the report later. Now, the validator is more helpful by providing additional context to help locate the problematic evidence. While we are preventing headaches if your report has errors that are detected during generation the option to download it won’t be displayed.
Release Notes
- Update app to new Tylium layout
- Add the ability for kits to update an instance’s Plugin Manager templates
- Add revision history for cards
- Bugs fixed:
- Updated support beacon. Legacy support was dropped for older versions
- Fix errors on content overwrite flash messages
- Fail and redirect to login instead of raising an error when attempting to log in as a user that has been removed
- When a report export is invalid and errors we disable the download button to prevent further errors
- Fix the mail initializer not finding existing configuration settings from the db
- Fix Cancel link path for the Note Edit page
- Fix services_extras not being excluded from Excel exports
- Fix Rule checking for non-existent fields
- Integration enhancements:
- CVSSv3 calculator provides access to all Temporal/Environmental fields
- Reporting enhancements:
- Add support for ellipsis
- Better Evidence references on failed validations
- REST/JSON API enhancements:
- Add team (team id, team name, team_since) in the teams API endpoint
- Security Fixes:
- High: Authenticated author can no longer continue to make project changes and will be logged out after being disabled by an admin
- Medium: Prevent admins from updating other user’s comments
