Evidence content control

This page contains:

The Evidence content control is a special control that tells the reporting engine to repeat a given section of the report for each piece of Evidence associated with a vulnerability.

A concrete example

We're going to use the same example we used in the Adding issues and evidence section.

An Out-of-date Apache vulnerability that affects 2 different hosts (port tcp/80 in host 10.0.0.1 and ports tcp/80 and tcp/443 in 10.0.0.2).

This means our Dradis project will have:

  • One issue: Out-of-date Apache
  • Two nodes: 10.0.0.1 and 10.0.0.2
  • Three pieces of evidence:
    • One for 10.0.0.1, port tcp/80
    • One for 10.0.0.2, port tcp/80
    • One for 10.0.0.2, port tcp/443

The Evidence control in your template

The Evidence control is a wrapping control (i.e. it is used to enclose other template content). We're going to start by creating a Label placeholder and wrapping it into an Evidence control:

The Evidence content control must be applied within an Issue content control, otherwise there is no context for it and the Evidence will not populate in the exported report.

Exporting our report right now would result in the following:

We can see that the reporting engine is working as expected, repeating the section of the report enclosed by the Evidence control for each of the pieces of Evidence we've got in the project.

The Evidence Label control

As you just saw, the Label control can be used inside an Evidence control to display the label of the node associated with the Evidence.

This is especially useful when you have multiple instances of a problem, with code or screenshots in them. By adding the Label control you can easily see where one instance ends and the next one starts.

Evidence field placeholders

The Evidence wrapping control works in the same way the other wrapping controls we've seen so far (i.e. Issue and Note) and lets us create placeholders for the fields defined in your content.

For example, lets enhance our template to contain placeholders for the Port and Details fields:

The importance of consistency

Right now our template is expecting that each piece of Evidence in your project contains a Port and a Details fields.

That's easy enough to get right, but it is up to you to ensure you remember that your template is going to look for this fields.

Lets go ahead and add the first piece of evidence:

If you're wondering how to get that grey background block, feel free to jump ahead to the Code blocks section of the manual, we'll wait for you here.

Adding the other instances of Evidence to the project and exporting results in:

You can see how the Port and Details placeholders have been populated with the relevant information for each Evidence in our project.

Filtering your Evidence

Evidence content control can be filtered to allow you to further customize your reports. For more on the different options, check out the Filtering and Sorting page of this guide.

Next help article: Affected content control →

Seven Strategies To Differentiate Your Cybersecurity Consultancy

You don’t need to reinvent the wheel to stand out from other cybersecurity consultancies. Often, it's about doing the simple things better, and clearly communicating what sets you apart.

  • Tell your story better
  • Improve your testimonials and case studies
  • Build strategic partnerships

Your email is kept private. We don't do the spam thing.