Pentest Management
Share results and manage client relationships professionally
Gateway: Client Portal
Interactive results portal for clients. Keep everyone up to date during security assessments without generating a static report with each change.
Remediation Tracker
Close the gap between identification and remediation. Keeping remediation tasks with the findings makes it easier and faster to resolve vulnerabilities.
Contributor Questionnaires
Capture project context before kickoff. Create reusable forms to gather scope, requirements, or Rules of Engagement from clients before work begins—directly in Dradis Gateway.
Project Scheduler
Pentest management and calendar integration. Shows team availability and project timelines to create a smarter pentest management platform.
Business Intelligence
Analyze trends and metrics across projects. Understand project and industry segments using Business Intelligence trend analysis.
Mappings Manager
Streamline reporting and simplify ticketing by setting source fields and destination fields for content in Dradis.
Standards & Consistency
Maintain quality and standardize scoring
Risk Calculators
Built-in support for CVSSv4, DREAD, and MITRE ATT&CK risk calculators, or build your own custom formula-based risk calculator.
Methodologies
OWASP, PTES, OSCP, HIPAA, PCI or build your own. Use industry standard testing methodologies or create your own.
Issue Library
Reuse standard, high-quality vulnerability descriptions. You have seen this finding before and crafted a brilliant writeup. Reuse that work across the team.
Quality Assurance
In-app review flow. Built-in QA features let you review items before publishing, so you can have all your review done in Dradis across teams.
CSV Importer
Import any kind of CSV files into Dradis projects to streamline your reporting and maintain data consistency.
Intelligent Automation
Streamline your workflow and eliminate repetitive tasks
Rules Engine
Automation rules to combine scanner output. Discard what you don't need, combine, replace, and process findings from 25+ scanning tools like Burp, Nmap, Metasploit, NeXpose, and Nessus.
REST API
Integrate Dradis with the rest of your stack. Comprehensive HTTP/REST API to manipulate and interact with your Dradis data, with the ability to script and schedule operations.
Combine Manual and Automated Testing
Combine the output of scanning tools with the result of manual testing into one report, no manual editing required.
Dynamic Content with Liquid
Use Liquid for dynamic content in Dradis projects, tool mappings, automation rules, and generated reports.