Projects 101

Team and permissions

Activity feed and revision history

The Project Scheduler

Comments, Notifications, & Subscriptions

Using Nodes to structure the project

Node properties

Working with Notes

The Report Content page

Adding issues and evidence

Liquid Dynamic Content

Combine multiple Issues

Bulk-update Issues

CVSS and DREAD calculators

Add attachments

Tagging issues

Using methodologies

Project templates

Upload and work with tool output

Upload and work with CSV files

Search your project

Restore deleted content with the Trash feature

Quality Assurance View

Generate your report

Importing and exporting projects

Performing a retest

Customizations and Configurations

Re-encrypt your LUKS-encrypted disk and generate a new volume key

Automatically unlock your LUKS-encrypted drive

Change your LUKs-encrypted drive's passphrase

Change default CIC password

Set up SSL certificates so that upgrades won't override them

Set up SSL certificates with Let's Encrypt

Increase the number of puma threads

Increase the number of export worker processes

Set maximum login attempts

Increase session timeout period

Usage analytics sharing

Configure the mail server

Configure the Burp-Dradis Extension

Connecting Dradis to MediaWiki

Enable extra import add-ons

API basics

Teams endpoint

Users endpoint

Projects endpoint

Nodes endpoint

Issues endpoint

Evidence endpoint

Content Blocks endpoint

Notes endpoint

Attachments endpoint

Document Properties endpoint

Methodologies endpoint

IssueLibrary endpoint

Intro to the Command Line Interface

User's guide to the Dradis Console

Upload tool output from the command line

[scripting] Find projects with XSS issues

[scripting] Find Issues added in the past 24 hours

[scripting] Statistics on Issues and Projects

[scripting] From Nessus output to custom report

[scripting] Update your IssueLibrary entries

Intro to the BI Dashboard

Custom Team Properties

Custom Project Properties

From Properties to Metrics

Trend Analysis

Intro to Liquid Gateway Themes

Creating Liquid Gateway Themes

Using Liquid Gateway Themes

  1. Support Home
  2. Collaborate
  3. Administration manual
  4. Report template properties

Report template properties

This page contains:

Report template properties give you control over the content of your report template in a different way. Define fields needed to validate your project, filter the contents of your project, or even change the title of your document.


Basic details

Quickly edit the Title of your template. The Template file field will always display the original name of the document at the time you uploaded it.

  1. Log in as Administrator.
  2. From the Projects page, navigate to Templates > Reports.
  3. Click the Edit icon below the correct template.
  4. Edit the Title field.

The Title that you set in the report template properties will appear on the Export page along with the filename:


Content blocks

Define the Content Blocks that your Word report is looking for so that Validate Export can check your document for any missing Block Groups.

First, it's important to note that the Block Group is an identifier that you can use to categorize individual Content Blocks. For example, you could have 2 Content Blocks that are inside the Appendix Block Group if you needed 2 Notes in your report’s Appendix section. Name the Block Groups however it makes sense for you.

For the example below, we're going to define a Block group for the following Note template:

#[Title]#
Overall Risk Rating

#[Type]#
Risk

#[Risk]#
High | Medium | Low

#[Description]#
  1. Log in as Administrator.
  2. From the Projects page, navigate to Templates > Reports.
  3. Click the Edit icon below the correct template.
  4. In the Content blocks section, define all the fields within your Note Template. For example template above, we need to define fields for Title, Type, Risk, and Description. Don't forget to give the Block Group a name!
    Note that we've specified several acceptable values for our Risk field. This is especially important if your report template's Notes are being sorted/filtered by specific values. For example, if you're applying conditional formatting based on the overall risk rating for the project, this setup will flag any values that don't belong (e.g. Critical).

Document properties

Define the custom document properties in your Word report so that Validate Export can check your document for any missing properties on export.

For the example below, we're going to define the three fields in this simple report template:

These fields are defined within Dradis as dradis.client, dradis.startdate, and dradis.enddate respectively.

To define these custom document properties:

  1. Log in as Administrator.
  2. From the Projects page, navigate to Templates > Reports.
  3. Click the Edit icon below the correct template.
  4. In the Document properties section, define all of the fields within your Project Properties template. For the example above, we would define custom properties for dradis.client, dradis.startdate, and dradis.enddate as shown below:

Issue fields

Define the fields within your Issues so that Validate Project knows what to look for on export and can warn you about any missing or incorrect fields in your project. And, this allows Dradis to automatically validate each Issue as you save it.

For the example below, we're going to define the Issue fields for this simple template:

  1. Log in as Administrator.
  2. From the Projects page, navigate to Templates > Reports.
  3. Click the Edit icon below the correct template.
  4. In the Issue fields section, define all the fields within your Issue Template. For example template above, we need to define fields for Title, Rating, Description, and Recommendation.
    Note that we've specified acceptable values for our Rating field. This is especially important if your report template's Issue are being sorted/filtered by specific values. For example, if you're sorting your Issues by Rating, this setup will flag any values that don't belong (e.g. Critical).

Evidence fields

Define the different fields that each instance of Evidence in your project should contain. This lets the Project Validator know what to look for on export and can warn you about any missing or incorrect fields in your project. And, this allows Dradis to automatically validate each piece of Evidence as you save it.

For the example below, we're going to define the Evidence fields for this simple template:

  1. Log in as Administrator.
  2. From the Projects page, navigate to Templates > Reports.
  3. Click the Edit icon below the correct template.
  4. In the Evidence fields section, define all the fields within your Evidence Template. For example report template above, we need to define fields for Status, Request, and Response.
    Note that we've specified acceptable values for our Status field. This is especially important if your report template's Evidence content controls are being sorted/filtered by specific values. For example, if you're filtering your Evidence by Status, this setup will flag any values that don't belong (e.g. Pending).

Issue sorting

Sort the Issues in your project by any of the numeric Issue Fields you've defined. When selected, this property will sort the Issues in your report by this field, highest to lowest, before exporting them.

  1. Log in as Administrator.
  2. From the Projects page, navigate to Templates > Reports.
  3. Click the Edit icon below the correct template.
  4. Under the Issue sorting section, just select Numeric field you want to sort by from the dropdown that appears.

Auto-generate properties on upload

When you upload your report template, you can select Auto-generate properties from the uploaded template. Behind the scenes, Dradis will scan your report template during the upload process and generate the report template properties based on the content controls and fields in the document.

Please review the properties after upload to ensure that all fields, values, and types appear as expected.


Validation

Issue and Evidence fields: validate your projects

The Issue and Evidence fields are used to validate your project during the export process. Plus, they automatically check every Issue and instance of Evidence in your project as you save them.

Now when you validate your project on export, you'll know immediately whether your project's Issue and Evidence fields match the fields that your report template is looking for.


Automatically validate Issue and Evidence fields

When your project is associated to a report template with Issue and Evidence fields defined, Dradis will automatically validate each Issue and each instance of Evidence in your project as you save it.

When you create your project, make sure that it is associated with the correct report template that has the Issue and Evidence fields defined.

Then, every time you update an Issue or piece of Evidence, Dradis will check to make sure that the fields match the expected fields you set in the report template properties.

In this example, Dradis is expecting a Rating field with a value of High, Medium, or Low within the Issue. We misspelled the field value and entered Hgih so we will see the following error message:

In this next example, we have an instance of Evidence that contains a Status field but has an invalid value. Dradis is expecting a Status field value of Open or Closed but this piece of Evidence has the Status set to Pending so we will see the following error message:


Next help article: Note templates →

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.