News

News and Press Releases

    Page 1 of 7.
  • 1
  • 2
  • 3

Logo verinice.XP

verinice.XP is the annual conference for users of the OpenSource ISMS tool verinice.  It is scheduled for 2021 on February 24 and 25, 2021 in Berlin. The Call for Papers has already started - the event committee of SerNet GmbH, he host of the conference, is looking forward to interesting submissions.

About verinice.XP

verinice.XP has been bringing together IT decision makers, security managers and data protection officers of companies, institutions and authorities for years. They are all connected by the use of verinice for information security management or data protection management. A social event for further discussions is planned for the evening of February 23, 2021 in the conference hotel. All participants of verinice.XP are cordially invited.

According to the current situation, SerNet GmbH may hold the verinice.XP as an online conference or hybrid format.

Workshops and Tickets

Exclusive workshops are planned for February 23, 2021. In small groups of participants, they are intended to facilitate an intensive exchange with colleagues and speakers. Participation in the workshop is possible independently from verinice.XP.

Tickets for the conference and the workshops will be available from the end of September 2020.


ITDZ Berlin

The City of Berlin has extended its contract with SerNet GmbH for the use of the ISMS tool "verinice". For another four years, the state administration institutions will thus use this widely used OpenSource tool for managing information security. The contractual partner on the side of German's capital is the IT Service Center "ITDZ - IT-Dienstleistungszentrum Berlin". The ITDZ Berlin also uses verinice for its own purposes and was the first company to receive the BSI certificate according to the modernized IT base line security "IT-Grundschutz" in 2018.  

Besides the use for the management of information security, verinice is also used for data protection management. For this purpose, the Berliners use a SerNet data protection module specially designed for the modernized IT-Grundschutz. The tool can be used in all Berlin state institutions - the institutions in the immediate vicinity of the Berlin state administration with main and 11 district administrations, including the 9 senate administrations and their subordinate authorities, institutions and companies - such as Berlin's vocational schools.

Karsten Pirschel is IT Security Officer at ITDZ Berlin and welcomes the continued cooperation: "We are able to enable the rapid adaptation of the modernized IT-Grundschutz and the possibility of using it from school operations to KRITIS environments via a central tool in the City of Berlin".

Michael Flürenbrock, verinice Product Owner, is excited about the continuation and expansion of the long-standing cooperation: "verinice is mainly created at the SerNet location in Berlin - 100% made in Germany. We are particularly pleased that our product is to be used throughout the country, especially here". SerNet managing director Reinhild Jung adds: "It is great that the state of Berlin is also following our open source strategy: Fully disclosed source code is an important contribution to security management".

About verinice: verinice is the only tool for the management of information security under Open Source license. It is used in 4 German federal states and in more than 40 federal authorities, as well as in a large number of municipalities, public utilities and other public institutions, especially for critical infrastructures. For the industrial sector, verinice supports ISO 27001 in addition to IT-Grundschutz and is in use here at companies throughout Europe and also at the Council of the European Commission or European National Banks.


Unfortunately, a traditional date in the verinice calendar has to be cancelled this year due to the Corona pandemic: The it-sa. After extensive deliberations, NürnbergMesse decided that the changed conditions would be too much of a hindrance to an it-sa in autumn 2020. This includes the presentation of a new verinice version at it-sa and the intensive personal exchange between the verinice team, partners and users on site.According to a statement by NürnbergMesse, the cancellation "reflects the wishes of the industry, which is questioning the dialogue between exhibitors and visitors, which is characterized by intensive technical discussions and partly confidential consultations, under hygiene and distance rules". SerNet and the verinice team are currently considering how the resulting gap can be reasonably closed. Information will be announced in advance on verinice.com.  

The next it-sa will take place from October 12 - 14, 2021 at the NürnbergMesse exhibition center. SerNet and the verinice team are  planning to be on site with partners as usual.


Code name: Unstad

Publication: April 14, 2020

As of now, verinice and verinice.PRO version 1.20 are available for download in the verinice.SHOP or in the customer repository.

With verinice 1.20, the verinice.TEAM provides more than 50 new functions, detail changes and bug fixes.

With verinice 1.20, users receive support for essential tasks in the modernized IT-Grundschutz:

  • The update of modelled information networks, which is required annually by the BSI with the publication of a new IT-Grundschutz compendium, is significantly simplified by a guided update functionality (new modelling).
  • The implementation of the risk analysis according to BSI standard 200-3 is effectively supported by visualization of outstanding risk analyses as well as high or very high risks requiring action.
  • The visualization of the implementation status for each module shows at a glance the degree of fulfillment of the type of procedure.
  • IT-Grundschutz audits can be performed, documented and output via report template.

The most important innovations are documented in the release notes.


In a news article published by SerNet we inform about our current status regarding the COVID19 pandemic. We update the article regularly if there are any new developments. We want to keep our customers and partners informed in a transparent manner.


Two new verinice versions will be released in 2020. The dates for the spring and autumn releases have already been set. Features for the respective versions are already collected and presented in the verinice.FORUM.

The following dates are planned:

  • verinice 1.20 in week 13 (March 23 to 27, 2020)
  • verinice 1.21 in week 45 (2 to 6 November 2020)

In the "Roadmap" category (German only) in the verinice.FORUM, users can take a look at the features planned for the upcoming versions. They can also suggest new features themselves or discuss specifications for already suggested features with the team and other verinice users.

The goal of the early definition and communication of deadlines is to provide planning security and to be able to plan updates of productive verinice systems further ahead. A feature freeze is scheduled one month before the release to ensure an extensive test phase.


A new update 1.19.1 has been released for verinice. The new version fixes an error in the VNA export. verinice and verinice.PRO version 1.19.1 are now available for download in the verinice.SHOP or in the customer repository.

Background: Some data models could not or not completely be exported. The update to verinice 1.19.1 is recommended to all customers who encounter problems when exporting information networks of the modernized IT Baseline Protection.

Please also refer to the detailed release notes for version 1.19 for further information.


Inna Thies verinice.XP 2019

The agenda for verinice.XP 2020 is online: SerNet will be hosting the conference for verinice users on 26 and 27 February 2020 in Berlin (Radisson Blu Hotel, Karl-Liebknecht-Strasse 3, 10178 Berlin). Reduced Early Bird tickets are available until 14 December 2019. On 25 February there will also be a workshop day (bookable separately): Altogether four Workshops are dedicated to special topics like the conversion of the modernized IT Baseline Protection, the integration of industry standards and data security in verinice.

Using the early bird phase

Karen Kämpf (Federal Office for Information Security) starts of verinice.XP on February 26 with "Minimum Standards according to §8 Abs. 1 BSIG". Andrea Sudbrock (Chamber of Crafts East Westphalia) sheds light on the interaction of external and internal data security representatives. The "Risk analysis between BSI 200-3 and DIN/ISO 27005" is addressed by Kai Wittenburg (neam IT-Services), followed by Martin Peters (Sec2do) with a lecture on "Migration from BSI 100 to BSI 200". Alexander Koderman (SerNet) takes a look at "IT Baseline Protection around the globe: Cybersecurity Framework and NIST SP 800-53" before the day ends with a social event in the conference hotel.

On 27 February, Susanne Aust ("Modernized IT Baseline Protection using the example of the University Hospital Halle (Saale)") and Thomas Skerhutt (Charité Berlin, "Leap through the worlds - the ISMS as a central node in Europe's largest university hospital") will report from two university hospitals where verinice is in use. Also on the agenda are  "Compliant Data Protection Impact Assessment with verinice.PRO" (Robert Raczynski), the "Partial Automation of Risk Analysis according to ISO 27005 through Integration with SecuriCAD" (Ulrich Heun, CARMAO) and the further development of verinice (verinice product owner Michael Flürenbrock).

Reduced Early Bird tickets for the conference are still available until December 14. These cost 399 euros. Starting from 15.12. the regular price lies with 499 euro. Tickets are available over https://www.verinicexp.org

Workshops for using verinice

Following the success of the last few years, workshops are once again being held ahead of the event, this time with a significantly broader range of topics. To be chosen from:

  • Integration of further standards in verinice using the example of B3S for Healthcare (Dirk Brand, SILA Consulting)
  • Implementation of the modernized IT Baseline Protection in verinice (Ulf Riechen, Riechen Consulting)
  • IT Baseline Protection und Datenschutz: Hand in hand with verinice (Inna Thies, Christopher Büttner & Tessa Witzigmann, Cassini Consulting)
  • ISO 27001 and Data Protection Module 3 (Tatjana Anisow & Sirin Torun, SerNet)

The number of participants is limited - fast booking pays off. Participation is also possible independently of attending the conference and costs 450 Euro.


verinice

The verinice.TEAM releases verinice 1.19, a version optimized for stability and performance in many respects. More than 50 detail improvements and bug fixes especially improve the areas performance, AD import, task workflow as well as report queries and reporting.

All details about verinice 1.19 can be found in the Release Notes, the new features and functions can be discussed directly with other users and the verinice.TEAM in the verinice.FORUM.

Data protection module 3 with data protection impact assessment and risk analysis

Version 3 of the data protection module supports users in implementing the DS-GVO as of verinice 1.19 in the data protection impact assessment and data protection risk analysis. For the risk analysis, the data protection module was extended by data protection-relevant risk scenarios. For better orientation, the legal texts of the DS-GVO, the recitals and the legal texts of the BDSG (new) are included and linked according to the dependencies. 

In addition to the variant for use in the ISM perspective, data protection module 3 will also be available in a few days in a variant for use in the perspective of modernised IT basic protection. Users can thus directly use the module requirements of the IT-Grundschutz Compendium as TOM.

This module is currently only available in German. By early 2020 an English content version will be published at verinice.SHOP.

IT Basic Protection Profiles

verinice 1.19 optimally supports users of the modernized IT-Grundschutz in the creation and use of IT-Grundschutz profiles. All IT-Grundschutz-Profiles published and licensed by the BSI can be downloaded from the verinice website for import into verinice 1.19 in the coming days.

VDA ISA 4.1.1

verinice 1.19 supports the VDA ISA catalog in version 4.1.1 for TISAX in German and English. In the VDA perspective, users can carry out information security assessments including the additional modules prototypes, third party integration and data protection.

 


    Page 1 of 7.
  • 1
  • 2
  • 3

Search News

Press contact:

Claudia Krell
presse@remove-this.sernet.de

Archive:

English languageDeutsche SpracheLingua italianaČeský jazyk
© SerNet GmbH, 2020