We have reached an important milestone in the development of VulnDB HQ: it is now possible to manage testing methodologies through the service.

Will this make people’s lives meaningfully better? We hope so! This is why we think it is a great idea:

• These will be organic documents, easy to use and easy to update. Forget storing a Word document in a network share to never again update it.
• Did someone in the team find a cool resource or tool? Add it so everyone uses it from now on.
• Some testing projects are not that common (IBM MQ review anyone?), if you save your notes today, they will be available for you next time round when you need them.
• Do you need to quickly bring up to speed someone in a new technology for a last-minute requirement? With a testing methodology to follow that’s a lot easier.

Oh, and of course, we will build up a public repository of testing methodologies and will share it with our users.

Without further ado, here are some screenshots of the methodology builder:

Excited yet? Visit us at http://vulndbhq.com/, learn more about why you should use VulnDB HQ or take a Tour of the service.

A few days ago we released v2 of the API for VulnDB HQ, our platform to manage vulnerability databases.

A lot of work has happened in the background to pave the way to a more stable and comprehensive API. From the consumer perspective we now have a dedicated endpoint for API access (i.e. /api/) and can specify API versions via the Accept HTTP header. You can read all about it in the VulnDB HQ API v2 guide in our support site.

To make everyone’s life easier we’ve also open sourced a Ruby client-side library to make it easy for you to integrate VulnDB HQ with your own tools and systems. You can find it in our GitHub page:

https://github.com/securityroots/vulndbhq

We hope you find this useful!