The verinice.TEAM has identified and fixed a problem in the recently released verinice.PRO 1.17: When sending mails for unfinished tasks a lot of reminder mails were sent within a short time instead of only every 7. Affected are only verinice servers. A new version verinice.PRO 1.17.1 with corresponding solution has already been released and is available in the .PRO repository.
verinice development manager Daniel Murygin: "We were able to react quickly and publish a hotfix. Our support, to whom the behavior was reported, and the development team worked closely and efficiently together".
Since the bug only affects verinice servers, there is no new client version or updates for the clients (verinice single-user version).
SerNet has released version 1.17 of the open source ISMS tool verinice. The verinice.TEAM presents an extensive update, which is especially relevant for working with the Modernized IT Baseline Protection of the German BSI: An optimized modeling as well as the possibility for preliminary hybrid modeling are decisive innovations. All details with extensive screenshots can be found in the Release Notes. The new version is available in the verinice.SHOP (for standalone users) or in the verinice.PRO repository.
Two important notes for verinice users come with the update:
verinice support budgets are now available in the verinice.SHOP. They provide quick and easy access to supporting services. In addition to individual contracts, SerNet is thus making flat-rate budgets available to customers all over the world.
With this step SerNet wants to make it easier for verinice users to have direct access to the expertise of the verinice.TEAM. Two advantages in particular are key: The contract is concluded immediately instead of having to be individually negotiated. In addition, all hourly rates are the same, regardless of whether technical support in the narrower sense or, for example, consulting is used to implement a standard. Within one hour after purchase, the project number is available, with which support requests can be made at any time by e-mail or, in urgent cases, by telephone.
A support budget purchased in the shop contains 10 hours of service at a price of 1200 Euro (net). Up to 4 of these budgets can be purchased at once and bundled for a 40-hour project (one working week). The support budgets include product support for verinice and verinice.PRO as well as all related queries for databases (PostgreSQL, Oracle), identity management (Active Directory, LDAP, etc.) and virtualization (VMWare) on Windows, Linux and macOS platforms.
Support budgets have a duration of 24 months. The monthly account statements as well as a final statement provide detailed information about all inquiries and used units. The smallest time unit for a support request is a quarter of an hour. All work is carried out by SerNet remotely by e-mail or telephone during the active support hours (Mon-Fri 8 - 18 CET).
Booth 204 in Hall 9 at it-sa 2018 is the place to go for everyone who wants to take a look at the latest developments in verinice. it-sa – the annual trade fair and meeting place for the IT security industry – will take place from October 9 to 12 in Nuremberg. SerNet will be there with verinice partners.
The verinice.TEAM of SerNet will be accompanied by Cassini, neam, SILA Consulting and TÜV TRUST IT. They are all part of the verinice.PARTNER network and are happy to pass on their expertise on site. Together, SerNet and the partners will present verinice and provide insights into verinice 1.17, which will be published soon after it-sa. In addition, the partners will present their own services such as the establishment of a management system for information security, consulting for e.g. BSI IT Baseline Protection, ISO 27001 and ISIS12, audits, or support on the way to certification. c.a.p.e IT GmbH will present the integration between verinice.PRO and KIX Professional. uib will also be there, presenting opsi – the Open Source Client Management System.
Would you like to get to know verinice in general or specific contents such as the data protection module? Would you like to take a look at our implementation of the Modernized IT Baseline Protection and the Compendium? Would you like to know whether verinice is the right tool for you? Would you like to get to know some of our verinice.PARTNERS and their range of services? Then we look forward to welcoming you. We would also be happy to arrange a meeting with you in advance! Please send us an e-mail to itsa@. sernet.de
You can get free visitor tickets for a visit to it-sa via SerNet. To do this, visit http://www.it-sa.de/voucher/ and enter the voucher code A391225. With a visitor ticket, you can explore it-sa from 9 a.m. on any day.
SerNet has released the open source ISMS tool verinice in version 1.16. With this release, the team focuses on data protection and especially the GDPR. The combination of verinice and the Data Protection Module now makes it possible to comfortably document processing activities and to implement contracted data processing in compliance with EU law.
The Data Protection Module supports the documentation of contracted data processing, contracting parties and services in accordance with Article 28 GDPR. Corresponding contracts can be integrated directly. Data protection expert Sirin Torun, who designed the Data Protection module, also draws attention to the ADV controls that she developed herself: "They form a catalogue of measures that supports the verification and documentation of order processing. The ADV controls can also be used for initial or follow-up audits."
For the list of processing activities according to the GDPR, the Data Protection Module provides an example catalogue with samples of procedures including exemplary solutions for typical data protection problems - easily adaptable to the respective company, enterprise and authorities and can be extended as required. Torun emphasizes: "A special feature is that the technical and organizational measures (TOMs) can be selected from the ISO 27001 controls or the German BSI IT Baseline Protection measures and are assigned to the data protection objectives of Article 32 GDPR". This enables users to find their way quickly and work efficiently. The resulting interface between data protection and information security management means a considerable value for users. Especially if the ISMS is documented with verinice, costs can be reduced and the documentation effort can be reduced.
All data from the Data Protection Module can also be aggregated in reports. A total of 12 reports summarize the necessary information on a special area or on an overview topic.
The Data Protection Module is currently only available in German. Also it requires a verinice subscription. SerNet is planning further updates for the data protection module in the near future. The next topics on the roadmap are data protection risk management and risk analysis as well as data protection impact assessment. Users of the current data protection module should have access to these new features.
verinice 1.16 also has some innovations to show for the implementation of the new BSI IT Baseline Protection. The Baseline Protection Compendium has been revised, an implementation status for requirements and measures has been added, an identifier marks links clearer and new object types represent the diverse documentation tasks of the modernized IT Baseline Protection. As well as the Data Protection Module, the new IT Baseline Protection is only available in German.
Details about verinice 1.16 can be found in the release notes and about the Data Protection Module on the product page in the verinice.SHOP (German only) – interested parties can also participate in one of our webinars and get a first impression.
CentOS 7 is supported by verinice since the current 1.15 version – users can now switch to the newer version of the Linux distribution.
Updating servers from CentOS 6 to 7 is not possible, hence verinice must be set up and configured again. If needed, SerNet and the verinice.TEAM offer support with the transition. The verinice appliance will be available for CentOS 7 in a few weeks and will also simplify the reinstallation. Daniel Murygin, team lead software development: "Customers who are burning, but can now start with verinice 1.15 on a CentOS 7 server."
According to the end-of-support schedule, maintenance updates for the CentOS 6 series will be available until November 30, 2020. verinice will be available for CentOS 6 for the time being. Customers can continue to work with the combination verinice / CentOS 6 and schedule the change for a later date.
The verinice.TEAM has released the ISMS tool verinice in version 1.15. Main changes are the integration of the Modernized IT Baseline Protection issued by the German BSI (Federal Office for Information Security) and support of the EU GDPR. Publisher SerNet provides verinice and verinice.PRO for download in the verinice.SHOP or in the customer repository. The release also includes enhancements in various areas such as search and indexing, report query, and the web frontend.
verinice 1.15 and the enhanced Data Privacy Module enable working with the EU GDPR. The extended Module will be available for download in the verinice.SHOP or in the update repository soon: In addition to the mapping of the dircetory of processings, it also supports the required documentation for contract data processing. Until the deadline in May, additional extensions for the Modul are planned. They include risk management for data privacy and the data privacy impact assessment.
verinice 1.15 is the first version that implements the Modernized IT Baseline Protection according to the new BSI standards 200-1, 200-2 and 200-3.
More updates for verinice are on the horizon this year. These are intended to integrate the still missing content from the BSI. verinice Product Owner Michael Flürenbrock: "Users should be able to work with the latest version of the new Baseline Protection in verinice in a timely manner." In particular, risk management and the migration from the previous IT Baseline Protection Catalog to the IT Baseline Protection Compendium are among the expected BSI updates.
verinice users will receive the new versions as part of their ongoing subscriptions.
In verinice 1.15 the REST interface was expanded. The verinice.TEAM is working closely with Chemnitz (Germany) based c.a.p.e IT, manufacturer of the OTRS-based ticket system KIX. Thus, after Greenbone / OpenVAS now another IT service management (ITSM) tool is directly linked to verinice.
The verinice.XP from 21 to 23 March 2018 evolves around verinice. All users of the ISMS tool are invited to Berlin In addition to lectures on innovations such as the Modernized IT Baseline Protection and data privacy in verinice, participants can also expect reports from daily practice, e.g. for use at Berlin Brandenburg Airport, Europ Assistance or for industries such as finance and insurance, water companies and hosters. Tickets and more information at verinicexp.org.
The verinice.CLIENT is now available as subscription at the verinice.SHOP. The contract period spans 1, 2 or 3 years. The change made by verinice publisher SerNet comes as a lot of customers requested a subscription based model.
Previously, new versions of the verinice.CLIENT had to be purchased separately. With typically two releases a year many customers required a new acquisition every six month and had to negotiate with their purchasing department. To simplify this process on the user side, SerNet has switched to the new subscription model. From now on, customers can buy a verinice subscription for a period of 1, 2 or 3 years. A subscription includes access to all newly published versions.
it-sa - the annual fair and meeting place for the IT security industry - will take place from 10 to 12 October in Nuremberg this year. SerNet will be there together with verinice.PARTNERS at the verinice booth in Hall 9 / 9-204.
SerNets verinice.TEAM will be accompanied by some partners from the verinice.PARTNERS network. Cassini, IT-InfoSec, neam and SILA Consulting are part of the project. Together they will present verinice and offer an outlook on verinice 1.15. The partners will also inform about their individual services such as the design, implementation and optimization of a management system for information security, as well as certification and trainings.
You want to learn more about verinice or certain functions? You want to know if verinice is the right tool for you? Or just give us feedback on the software? You want to get to know some verinice.PARTNERS and their services? We look forward to welcoming you at our booth. For appointments send us an email to firstname.lastname@example.org.
Get your visitor ticket for free access to it-sa: Just redeem the voucher code A361597 at http://www.it-sa.de/voucher/. With a visitor ticket you’ll be able to explore it-sa on any day starting at 9am.
verinice has been released in version 1.14 and is available at the verinice.SHOP. Sernet's verinice.TEAM has several major and minor changes packed into the release for the ISMS tool. One focus is on the redesign of the web front end. In addition, there are already some changes in the background for the newly introduced license management. The release notes offer all details.
The most striking innovation of verinice 1.14 is the basic redesign of the web front end, which can be used by verinice.PRO customers. This presents itself sleaker, with more comfortable user experience - and responsive. verinice.PRO users are now able to use it with mobile devices. In addition, the web front end has been upgraded in terms of security.
Newly added is a graphical analysis, which always provides an overview of the current status of information security. It shows the implementation status of the basic protection measures and the ISO controls across all organisations/scopes. This shoul simplify the daily work of CISOs and security officers in particular. With the graphical interface, they can retrieve results in real-time and report them.
The changes are the first step of a fundamental overhaul of the web front end. Further functions will be added.
Also new in verinice 1.14 is a comprehensive license management: Standards can be integrated directly into the tool with their original content. Licenses can be purchased in the verinice.SHOP soon. With verinice 1.14 the preparations for upcoming versions have begun in the background. One of the upcoming innovations concerns the German modernized IT Baseline Protection.
You bought the previous version verinice 1.13 after June 10, 2017? Contact us at sales@ and we will send you a voucher code to download verinice 1.14. sernet.com