Friday, April 02, 2010
Dradis: Effective Information Sharing for Pentest Teams
April's toolsmith covers Dradis.
Dradis is a self-contained web application that provides a centralized repository for information acquired during testing in order to work completed and pending.
The Dradis project lead, Daniel Martín Gómez contends (and I agree) that failure to share “information available in an effective way will result in exploitation opportunities lost and the overlapping of efforts.”
Testing teams face multiple challenges specific to information sharing, including a variety of output types from all the tools utilized.
Testers gather results in different ways.
Each team generates different reports, and so on.
Dradis is designed to address these challenges and does so effectively.
Check it out at your earliest convenience.
The article awaits your review here.
del.icio.us | digg | Submit to Slashdot
Please support the Open Security Foundation (OSVDB)
HolisticInfoSec's Russ McRee was pleased to be added to ISSA International's Honor Roll this month, a lifetime achievement award rec...
It's rather hard to believe, unimaginable even, but here we are. This is the 120th consecutive edition of toolsmith; every mon...
You've likely seen chatter recently regarding the pilot Hack the Pentagon bounty program that just wrapped up, as facilitated by Hacker...
7 OCT 2016 saw the release of MISP 2.4.52 . MISP, Malware Information Sharing Platform and Threat Sharing, is free and open source software...