When you create, import, or upload vulnerabilities to Dradis, you can set the QA state of issues. You might want to set a manually created issue to a "Draft" state and a Nessus upload to "Ready for review", and then see at a glance where your vulnerabilities are in the process.
Blocks of content such as executive summaries, scopes, etc. can also have their QA state set, so you know which are drafts still in progress and which are ready to review or to publish. Several people working on issues at the same time? One person writing vulnerability descriptions while another is checking for false positives? No problem!
Your users can comment on content inside your Dradis projects, and other users will be notified about any comments on content they are mentioned in or subscribed to. That way, an on-site tester can provide real-time feedback on issues, and copywriting users can ask for feedback from technical users on items they are reviewing.
While reviewing, use next/previous controls in the QA sidebar to move through items quickly. After updating a QA state, Dradis takes you directly to the next item in your queue.
Export your reviewed and published content as it becomes ready, making sure that items in the drafting or review stages are left out. If management wants a preview of everything found so far, you can publish everything, and if you are using the Gateway, users or the client can see changes in real time and provide comments as they go.
Assign reviewer roles to control who has permission to publish. This ensures only approved team members can move content to the final stage, reducing the risk of accidental publication and maintaining review integrity.
Project cards include a summary of how many records are in each QA state—Draft, Ready for Review, or Published—so you can assess review progress at a glance.
View revision history directly from QA views. See exactly what changed, when it changed, and who made the update—including QA state changes.