Last week, a critical vulnerability in the widely used logging library log4j 2 became known. The log4j versions included in the verinice.PRO server are not affected by the vulnerability!

The vulnerability is described in this article: Log4Shell and was dedicated the CVS number CVE-2021-44228 .

For more information, see the article in our verinice forum: https://forum.verinice.com/t/verinice-nicht-betroffen-von-log4j-schwachstelle/

However, on a verinice.PRO system there may be other Java…

As of now, the verinice.TEAM provides the BSI published Benutzerdefinierte Bausteine for use in verinice free of charge. They can be ordered and downloaded from the verinice.SHOP. 

Users of IT-Grundschutz have the opportunity to contribute their expertise to IT-Grundschutz by creating so-called Benutzerdefinierte Bausteine (user defined building block). To do this, an institution picks out a topic or partial aspect for which no IT-Grundschutz building block has yet been published and on which…

The IT Baseline Protection Profile for control centers is now available for use in verinice ( as of version 1.22). The Baseline Protection Profile is published by the Fachverband Leitstellen e.V. – in German only – and can now be directly integrated into verinice. It is available free of charge via the verinice.SHOP.

The IT Baseline Protection Profile for Control Centers helps users to install an information security process in a control center and to adapt it to the corresponding requirements.…

The verinice.TEAM has published the additional module verinice PCI DSS. This requirements catalog maps the Payment Card Industry Data Security Standard (PCI DSS) in verinice. The module can be used with verinice starting with version 1.22 in the ISM perspective. It is available to purchase in the verinice.SHOP. 

About the module verinice PCI DSS

The module verinice PCI DSS enables tool-supported verification of compliance with PCI DSS requirements. Requirements from other standards or laws…

verinice. as well as verinice.PRO and the add-on module Zusatzmodul B3S Krankenhaus are qualified for funding from the Hospital Future Fund (KHZF). SerNet thus offers clinics and hospitals that have to improve their IT security and introduce information security management by the deadline of 01.01.2022 a comprehensive solution that meets their needs and is also eligible for funding. The corresponding proof of suitability for eligible service providers is held by SerNet.

The ISMS tool verinice…

With verinice. SerNet GmbH provides the only open source tool for the management of information security (ISMS). In order to grow dynamically and to further advance the development of the software, the team is looking for additional members with immediate effect.

Three positions are currently open:

• Front-End Developer for verinice. (d/w/m)
• Back-End Developer for verinice. (d/w/m)
• Full-Stack Developer for verinice. (d/w/m)

The verinice.TEAM works distributed at the locations Berlin…