                                            d8b 888                                         888             
                                            Y8P 888                                         888             
                                                888                                         888             
.d8888b   .d88b.   .d8888b 888  888 888d888 888 888888 888  888    888d888 .d88b.   .d88b.  888888 .d8888b  
88K      d8P  Y8b d88P"    888  888 888P"   888 888    888  888    888P"  d88""88b d88""88b 888    88K      
"Y8888b. 88888888 888      888  888 888     888 888    888  888    888    888  888 888  888 888    "Y8888b. 
     X88 Y8b.     Y88b.    Y88b 888 888     888 Y88b.  Y88b 888    888    Y88..88P Y88..88P Y88b.       X88 
 88888P'  "Y8888   "Y8888P  "Y88888 888     888  "Y888  "Y88888    888     "Y88P"   "Y88P"   "Y888  88888P' 
                                                            888                                             
                                                       Y8b d88P                                             
                                                        "Y88P"                                              

Sunday, 20 May 2012

Upcoming in Dradis Pro v1.5: Support for custom Word properties


Reporting is a pain point for many organizations and with Dradis Professional you can create high-quality custom Word reports in minutes instead of hours.

One of the latest features we have added is the ability to populate document properties straight from Dradis Pro. Certain document properties are often reused in multiple locations throughout the document (e.g. the client name). Through Dradis Pro you can provide information such as project name, client, dates, etc. and reuse these fields throughout the report.





We have created a comprehensive guide in our support site:

DradisReports: using custom document properties


Still not a Dradis Pro user?


Join dozens of organizations already benefiting from a more consistent approach to security testing.

These are some of the benefits you are missing out on:

  • Less time writing reports
  • Provide a consistent experience to your customers
  • Pro is reliable, up to date and comes with quality support

Read more in Why you should give Dradis Professional Edition a try?

Saturday, 21 April 2012

Upcoming in Dradis Pro v1.5: the Plugin Manager

The Plugin Manager puts all the Dradis plugins to work for your organization.

You will be able to customize how the different plugins create their notes. This means that all plugins can generate notes in exactly the format you need for your report template.

This is what the main interface looks like:



And the note template editor with live preview:



Each plugin defines a list of available fields so you know which ones you can use in your template:



Think about it, you can customize the notes created by the Nessus and NeXpose plugins to use the fields that you need for your report. And if you change your mind and update your report or change the nomenclature? With the Plugin Manager, tweaking the plugin's behavior is seconds away.



Friday, 16 March 2012

VulnDB HQ: tracking entries in the Public repository

It is now possible to fork one of the pages in the Public repository and create a private copy in your repo.

Apart from the last modified date, every Public entry now features a Fork this page link in its header:


Once you click on it, you are presented with an editor that gives you the chance to make a few changes before you save a copy in your private repo:


Entries in your repo that have been forked from an upstream Public page are clearly tagged:


And you get notified whenever the original page you branched from has been updated:


That's it for now. We will be adding more advanced features to this process in the near future.

Wednesday, 14 March 2012

Pauldotcom en Espanol interviews Security Roots founder


Daniel Martin (@etdsoft), creator of Dradis Framework and founder of Security Roots Ltd, was interviewed in Episode 11 of PaulDotCom Security Weekly en Espanol.

We talked about Dradis Framework, Ruby, Rails, open-source in general, Dradis Pro, VulnDB HQ, Nokogiri and a number of other things.

The podcast is in Spanish. It starts with an introduction by Pauldotcom's host, Carlos Perez aka "Darkoperator" (@Carlos_Perez), and the interview proper starts at about 1m46.

Tuesday, 13 March 2012

Copying your VulnDB entries across to your VulnDB HQ account

A few months ago we launched VulnDB HQ, our platform to build and manage a database of entries for your reports (take a tour if you want to know more).

Some of our users have asked us what the best way is to port their legacy Vuln::DB entries into their VulnDB HQ account. First, you can use the API to build a custom script (check out VulnDB HQ API v1 on our support site).

Alternatively you can use our migration script (vulndb_bridge.rb):



As you can see, this is a fairly basic Ruby script that leverages Rails' ActiveResource library to communicate with both applications.

For instance, if your legacy Vuln::DB instance is reachable under the local DNS name vulndb.local and your VulnDB HQ account is sg1.vulndbhq.com, you should invoke the script as follows:

./vulndb_bridge.rb http://vulndb.local https://user%40domain.com:password@sg1.vulndbhq.com

Remember that the '@' symbol in your email needs to be URL-encoded! Read more about authentication in the API guide.
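
The encoding rule above, worked through as an added example (this is not the vulndb_bridge.rb script or any Security Roots code). The helper names are hypothetical and the password is a constructed sample; the host and email are the ones used in the invocation above.

```ruby
require 'erb'
require 'uri'

# Percent-encode one userinfo component (user name or password). Everything
# except unreserved characters is escaped, so '@', ':' and '/' inside the
# value cannot be mistaken for URL delimiters.
def encode_userinfo(value)
  ERB::Util.url_encode(value)
end

# Build the HTTPS URL with embedded credentials (hypothetical helper).
def hq_site_url(host, email, password)
  "https://#{encode_userinfo(email)}:#{encode_userinfo(password)}@#{host}"
end

# Parse the URL back into [host, user, password], decoding the credentials,
# to confirm the receiving side recovers the original values.
def decode_site_url(url)
  uri = URI.parse(url)
  [uri.host,
   URI.decode_www_form_component(uri.user),
   URI.decode_www_form_component(uri.password)]
end

# Pre-flight check: the authority part may contain exactly one literal '@',
# the one separating the credentials from the host.
def single_at_in_authority?(url)
  authority = url.sub(%r{\A[a-z][a-z0-9+.-]*://}i, '').split('/', 2).first.to_s
  authority.count('@') == 1
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values; the password is made up to include reserved
  # characters.
  url = hq_site_url('sg1.vulndbhq.com', 'user@domain.com', 'p@ss:w/rd')
  puts url
  puts single_at_in_authority?(url)
  puts single_at_in_authority?('https://user@domain.com:password@sg1.vulndbhq.com')
end
```

Because the URL is passed as a command-line argument, the password ends up in shell history and is visible in process listings on the machine that runs the script.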

Hope you find this useful.

Keep an eye on us: @vulndbhq

Thursday, 9 February 2012

Dradis Framework won in the Best Tools Report 2011

It is exciting to learn that Dradis Framework was chosen as the winner in the Best Tools Report 2011 by the ToolsWatch Service.

You know we have been very busy over the last few months:

  • Dradis Community edition: v2.9 last week, v2.8 in October...
  • Dradis Professional edition: v1.4 this week, v1.3 in November, v1.2 in October...
  • VulnDB HQ: finally launched this week too.

It is very gratifying to see our work getting recognized by the industry.

This encourages us to keep working and keep giving back to the open-source community and carry on building the solutions and services that our customers need to keep their focus on adding value to their clients.

This has always been our vision and we are more sure than ever that we are on the right track.




Wednesday, 8 February 2012

New in Dradis Pro (v1.4)

Today we have pushed a new version of Dradis Professional Edition.

Changes include:
  • New Settings Manager (more below)
  • New Export Manager (more below)
  • New plugins:
  • Updated plugins:
    • Nessus upload plugin is orders of magnitude faster.
    • Nikto upload plugin is orders of magnitude faster.
    • Nmap upload plugin is orders of magnitude faster.
    • VulnDB import plugin (to support VulnDB HQ integration)
  • Internals:
    • Fixed issue with the Upload Manager.
    • Updated First Time User's Wizard with Pro content.
    • Improved test coverage.
    • Updated to Rails 3.2


New Settings Manager



Administrators now have more control than ever over the different settings that control the behavior of Dradis Pro (including the new 'disable signups' switch).


New Export Manager


Our customers demand more powerful reporting capabilities and the new Export Manager is a big step in that direction. It is now possible to re-arrange notes before they are passed to any of our amazing reporting extensions.


Watch this space because note grouping, smart sorting and screenshot management will be some of the additions we have planned for the Export Manager in future releases.



Copyright 2011 Security Roots Ltd. All rights reserved.