Testing checklists that you will finally use

Use industry-standard methodologies or build your own. Always updated

Screenshot of the methodologies boaard

Always know what has been covered and what is still ahead - never forget any steps

Know who is working on what and see how much is left to do.

Instead of keeping your checklists in a shared folder somewhere, have them already loaded in your project before you start.

Easy to maintain, always up to date.

Screenshot showing a testing methodology board with tasks in different phases assigned to different team members

Support for OWASP, PTES, OSCP, HIPAA and many more

Use one of these methodologies to ensure consistent results across teams and projects:

  • OSSTMM v3
  • OWASP Top 10 2013
  • SANS SWAT checklist
  • OWASP web testing

Or load one of these compliance packs:

  • HIPAA Compliance Audit Protocol
  • OWASP Testing Guide v4
  • Offensive Security Certified Professional (OSCP)
  • Penetration Testing Execution Standard (PTES)
The Methodology progress tracker chart shown in the Project Summary page

Is everyone using the latest checklist?

Our built-in methodology editor makes maintaining and updating your methodologies simple:

  • Update the template, and everyone gets the latest version automatically.
  • New check or technique? Add it to the checklist so everyone learns about it.
  • Include a checklist in your project template to make sure everyone follows a consistent process.
The Methodology template manager view on Dradis' admin interface

Total flexibility: one methodology for each phase of the test, or for each host

We know security testing comes in all shapes and sizes.

Some times it's straightforward, a vanilla webapp assessment and you are done. Some times not so much: different phases, internal and external pentesting, combined with multiple web applications over several weeks.

Our solution?
  • You can have a single methodology if the project is straightforward.
  • You can load a separate checklist for each phase of the project.
  • You can even attach a testing methodology to a single host. Think about an infrastructure assessment, you can load your Active Directory, SQL Server, or ISS configuration reviews into the right nodes.
You can associate multiple testing methodologies to each project to tackle different aspects of it

Calculate Your Monthly Savings

Estimate your monthly savings from faster reporting.

Your inputs

Used for the "investment" line below.
$
USD
Daily rates are converted using 8 hours/day.
Teams moving from Word typically save 4-6 hours per report.
Most teams report saving around 4 hours per report.
Advanced options
Only needed if engagement volume is shared across the team.
Simple estimate. Use Advanced if you want "per team" volume.
Choose "Per team" if your engagements are staffed collaboratively.
Default assumes each person contributes to this many engagements per month.

Your results

Savings per report
$400
Hours saved
4 hrs
Savings per person / month
$1,200
Engagements / month
3
Savings for the team / month
$6,000
Team size: 5
Teams of 5 typically save $4,000-$8,000/month with Dradis.
Plan investment / month
$395
Assess at $79/user/mo
Net savings / month
$5,605
Net savings / year: $67,260
ROI multiple (monthly)
15.2x

Includes the Security Consultancy Delivery Playbook

Start saving $6,000 a month

Seven Strategies To Differentiate Your Cybersecurity Consultancy

You don’t need to reinvent the wheel to stand out from other cybersecurity consultancies. Often, it's about doing the simple things better, and clearly communicating what sets you apart.

  • Tell your story better
  • Improve your testimonials and case studies
  • Build strategic partnerships

Your email is kept private. We don't do the spam thing.