Testing checklists that you will finally use

Use industry-standard methodologies or build your own. Always updated

Screenshot of the methodologies boaard

Always know what has been covered and what is still ahead - never forget any steps

Know who is working on what and see how much is left to do.

Instead of keeping your checklists in a shared folder somewhere, have them already loaded in your project before you start.

Easy to maintain, always up to date.

Screenshot showing a testing methodology board with tasks in different phases assigned to different team members

Support for OWASP, PTES, OSCP, HIPAA and many more

Use one of these methodologies to ensure consistent results across teams and projects:

  • OSSTMM v3
  • OWASP Top 10 2013
  • SANS SWAT checklist
  • OWASP web testing

Or load one of these compliance packs:

  • HIPAA Compliance Audit Protocol
  • OWASP Testing Guide v4
  • Offensive Security Certified Professional (OSCP)
  • Penetration Testing Execution Standard (PTES)
The Methodology progress tracker chart shown in the Project Summary page

Is everyone using the latest checklist?

Our built-in methodology editor makes maintaining and updating your methodologies simple:

  • Update the template, and everyone gets the latest version automatically.
  • New check or technique? Add it to the checklist so everyone learns about it.
  • Include a checklist in your project template to make sure everyone follows a consistent process.
The Methodology template manager view on Dradis' admin interface

Total flexibility: one methodology for each phase of the test, or for each host

We know security testing comes in all shapes and sizes.

Some times it's straightforward, a vanilla webapp assessment and you are done. Some times not so much: different phases, internal and external pentesting, combined with multiple web applications over several weeks.

Our solution?
  • You can have a single methodology if the project is straightforward.
  • You can load a separate checklist for each phase of the project.
  • You can even attach a testing methodology to a single host. Think about an infrastructure assessment, you can load your Active Directory, SQL Server, or ISS configuration reviews into the right nodes.
You can associate multiple testing methodologies to each project to tackle different aspects of it

How Much Will You Save?

ROI calculator: Tell us about your business.

We've got people in the team, each of us is involved in about projects per month on average, and our average rate is around $ USD.

If we could save hours per report. How much money will using Dradis Pro save us?

If you saved 2 hours per report, or $200 at your current rate, times 3 projects a month: you'll save $600 per person each month, that's $3,000 for the 5 of you every month.

Just to be clear, the investment required for Dradis Pro is $79 per person (or $474 for the team). If the tool saves you $600, the first $474 go towards paying for itself and the remaining $521 are pure savings, every month. That's $6,252 per year that you're leaving on the table.

There are lots of things you can do with $6,252:

  • Invest more time testing to get more results and add more value to your clients.
  • Use that time to wrap up the project and update your testing methodologies.
  • Use that time to find new clients.
  • Pass the savings to your clients and become more competitive.
  • Don't tell anyone and just pocket the savings.
Start Saving $3,000 a month

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.