News and Press Releases

SerNet has released version 1.18 of the open source ISMS tool verinice. The verinice.TEAM presents an extensive update, which is especially relevant for working with the Modernized IT Baseline Protection of the German BSI: An optimized modeling as well as the possibility for preliminary hybrid modeling are decisive innovations. All details with extensive screenshots can be found in the Release Notes. The new version is available in the verinice.SHOP (for standalone users) or in the verinice.PRO repository.

Two important notes for verinice users come with the update:

Automatic client updates are not possible for verinice 1.17 and 1.18! We have compiled all necessary information about manual updates in a HowTo. To update the verinice.PRO server to version 1.18, please use the package manager "yum" as usual (see details on the verinice.PRO update).

The verinice.TEAM has released the first beta version of the Information Security Assessment Version 4.1.0 of the German Association of the Automotive Industry (VDA ISA 4.1.0) for use in verinice. An english version is now also available. The corresponding CSV file can be found in the verinice.FORUM. (Please note: The initial post and the thread are German only, however the link for the English beta version is embedded.)

The current version can already be integrated into verinice and be used for asssessments. However, users should note that this beta version is explicitly intended for testing and not for productive use!

In addition, the following restrictions apply:

  • Module 24 Data Protection cannot yet be documented (supported with verinice 1.18 from week 15 2019).
  • The report templates will be supplemented by the modules 23 Third Party Integration and 25 Prototype Protection. They will be made available in the coming weeks (see Extension of the VDA ISA Report Templates for Version 4.1.0 1 – again: thread in German only).

All relevant notes as well as further details are also compiled in the corresponding thread in the verinice.FORUM. The verinice.TEAM is looking forward to feedback and a lively discussion.

The verinice.TEAM changes its release planning as of 2019: Two new versions will be released this year, the dates for a spring and an autumn release have already been set. Features for the respective versions will be presented in the verinice.FORUM (German only atm). 

The following release dates are planned:

  • verinice 1.18 in week 15 (8. - 12. April 2019)
  • verinice 1.19 in week 46 (11. - 15. November 2019)

In the "Roadmap" category (German only atm) in the verinice.FORUM, users can take a look at the features for future versions. They can also propose new features themselves or discuss specifications for already proposed features with the team and other verinice users.

The aim of the dates set and communicated at an early stage is to provide planning security and to be able to schedule updates of productive verinice systems in advance. As before, a feature freeze takes place one month before the release to ensure a thorough test phase.

The user's demand for a fast integration of the German Modernized Baseline Security framework by BSI made a new sub-release 1.17.2 of verinice. and verinice.PRO necessary. Detailed information about bugs and the applied solutions are available in our release notes

A new version of verinice-Client has been provided in our verinice.SHOP for download. Subscribers of verinice.PRO will find the new version 1.17.2 in the respective repositories. 

This update is mandatory for users of the Modernized Baseline Security framework.

Starting with version 1.18 verinice will include a Java Runtime Environment (JRE) of the AdoptOpenJDKinitiative. AdoptOpenJDK creates JRE which contain all security patches and may be used free of charge. For verinice users nothing will change: verinice will still contain a current JRE and the verinice.TEAM will keep the installation as easy as possible.

Previously (incl. version 1.17.x) verinice contained a JRE, which was published by Oracle free of charge. However, Oracle changed the Java release cycle and the license for the JRE in 2018, so that it will no longer be possible to deliver verinice with the Oracle JRE from 2019 on.

Further details and background information can be found in the verinice.FORUM (thread in German).

Search News

Press contact:

Claudia Krell


English languageDeutsche SpracheLingua italianaČeský jazyk
© SerNet GmbH, 2019