The verinice.CLIENT is now available as subscription at the verinice.SHOP. The contract period spans 1, 2 or 3 years. The change made by verinice publisher SerNet comes as a lot of customers requested a subscription based model.
Previously, new versions of the verinice.CLIENT had to be purchased separately. With typically two releases a year many customers required a new acquisition every six month and had to negotiate with their purchasing department. To simplify this process on the user side, SerNet has switched to the new subscription model. From now on, customers can buy a verinice subscription for a period of 1, 2 or 3 years. A subscription includes access to all newly published versions.
it-sa - the annual fair and meeting place for the IT security industry - will take place from 10 to 12 October in Nuremberg this year. SerNet will be there together with verinice.PARTNERS at the verinice booth in Hall 9 / 9-204.
SerNets verinice.TEAM will be accompanied by some partners from the verinice.PARTNERS network. Cassini, IT-InfoSec, neam and SILA Consulting are part of the project. Together they will present verinice and offer an outlook on verinice 1.15. The partners will also inform about their individual services such as the design, implementation and optimization of a management system for information security, as well as certification and trainings.
You want to learn more about verinice or certain functions? You want to know if verinice is the right tool for you? Or just give us feedback on the software? You want to get to know some verinice.PARTNERS and their services? We look forward to welcoming you at our booth. For appointments send us an email to email@example.com.
Get your visitor ticket for free access to it-sa: Just redeem the voucher code A361597 at http://www.it-sa.de/voucher/. With a visitor ticket you’ll be able to explore it-sa on any day starting at 9am.
verinice has been released in version 1.14 and is available at the verinice.SHOP. Sernet's verinice.TEAM has several major and minor changes packed into the release for the ISMS tool. One focus is on the redesign of the web front end. In addition, there are already some changes in the background for the newly introduced license management. The release notes offer all details.
The most striking innovation of verinice 1.14 is the basic redesign of the web front end, which can be used by verinice.PRO customers. This presents itself sleaker, with more comfortable user experience - and responsive. verinice.PRO users are now able to use it with mobile devices. In addition, the web front end has been upgraded in terms of security.
Newly added is a graphical analysis, which always provides an overview of the current status of information security. It shows the implementation status of the basic protection measures and the ISO controls across all organisations/scopes. This shoul simplify the daily work of CISOs and security officers in particular. With the graphical interface, they can retrieve results in real-time and report them.
The changes are the first step of a fundamental overhaul of the web front end. Further functions will be added.
Also new in verinice 1.14 is a comprehensive license management: Standards can be integrated directly into the tool with their original content. Licenses can be purchased in the verinice.SHOP soon. With verinice 1.14 the preparations for upcoming versions have begun in the background. One of the upcoming innovations concerns the German modernized IT Baseline Protection.
You bought the previous version verinice 1.13 after June 10, 2017? Contact us at sales@ and we will send you a voucher code to download verinice 1.14. sernet.com
v.Designer enables you to modify report templates or to create new ones.
verinice uses the BIRT framework that includes a report designer. v.Designer is based on this tool and has been slightly modified for verinice and enhanced with certain options and functions. All main functions remain the same so that manuals and tutorials for a BIRT report designer can be used to learn how to work with v.Designer.
We added a very short manual to the v.Designer package - currently in German, that will be tranlated and added to the package by end of April.
Please consider that v.Designer is always adapted to the current version of verinice, but you do not have to by v.Designer again, if a new verinice version is released. We will update v.Designer in the shop backend so all you have to do os download the software again.
verinice.TEAM just released verinice 1.13.1 that contains some enhancements and bug fixes. It can be downloaded for free by all customers that bought verinice 1.13 at the verinice.SHOP or maintain an active verinice.PRO subscription.
This new version contains major enhancements for German data protection regulations. For more info please switch to the German version of this announcement. The developers also permanently added the BCM enhancements regarding the German BSI standard 100-4, that had been published as a supplement in early November 2016.
The verinice.XP 2017 agenda is online! Our information security conference takes place on February 6th and 7th at Sofitel Kurfürstendamm in Berlin.
The first day "Grundschutztag" about "BSI Baseline Security" starts with Marc Fliehe's keynote from BITKOM e.V. and is followed by Jan Grasshof (Cassini) about "Grundschutz" at Berlin's public administration and Holger Schellhaas (TCI) at a travel insurance company. Ronny Frankenstein (HiSolutions) gives an overview about "Neuer Grundschutz" and Alexander Koderman reports about "Geheimschutz and Grundschutz". The final session is presented by Michael Flürenbrock from SerNet as an overview and discussion about the verinice future roadmap.
The second "ISO day" starts with a keynote from Boban Kršić (DENIC) about Business Continuity Management followed by talks about ISMS usage at AEB (Volkher Wegst), about risk and compliance management at University of Oxford (Jonathan Ashton) and SOX management at US based energy company ITRON (Michael Schneider). SerNet lawyer Sirin Torun will talk about the "EU General Data Protection Regulation" and how it will be integrated in verinice, and the day will close with a general discussion in the verinice.FORUM for all attendees.
Registration for the conference is open at verinicexp.org for a fee of 150 Euro per day. A social event in the conference hotel on the evening of the first day is the opportunity for networking and meeting with both other participants and the verinice.TEAM as well. All participants will receive a voucher code for the verinice manual for a free download. verinice.PRO customers can ask for a 20% discount voucher via mail to firstname.lastname@example.org!
After German BSI discontinued it's own GSTOOL for information security management the tool market evolves quickly. verinice plays an important rule because it is the only OpenSource tool with a BSI license.
verinice.XP – User Conference for Information Security shows how GSTOOL users can migrate to verinice and other tools and how the new German baseline security will evolve at BSI and can be adopted especially by critical infrastructure providers.
verinice.XP takes place on Februar 6th and 7th 2017 at Sofitel Kurfürstendamm Berlin (Augsburger Straße 41, 10789 Berlin) and is hosted by SerNet, the company behind verinice. Participants are IT leads, decision makers, information security officers and persons responsible for data protection in companies and public authorities.
Fokus of the first day is German baseline security, featured by German BSI. Marc Fliehe will show in his keynote how the most important IT business foundation in Germany - BITKOM e.V. - sees the future development and challenges for information security management in Germany. The second day is about the generic international standard ISO 27001. Boban Kršic from DENIC e.G. will give a keynote talk with focus on Business Continuity Management.
The complete program of verinice.XP 2017 will be published on the conference website in early December.
Registrations for the conference are possible online at verinicexp.org, "Baseline-Day" and "ISO-Day" can be booked separately or both. A social event takes place on the evening of the first day for all participants and gives a chance for networking and even more discussions about the topics of the day. All participants have access to a cost free voucher code for the current verinice manual.
Alexander Koderman leaves SerNet after more than 10 years and enters a new position as Chief Security Officer at a Company in southern Germany. This is the end of an era where Alexander built and influenced the verinice.TEAM. His team and all colleagues at SerNet are deeply grateful and accept that after so many years of team leadership Alexander wants to have a more functional role as information security specialist. Alexander Koderman remains a member of the cross-company Open Source team that generates verinice as a wide spread and successful open resource for everybody. We will meet Alexander again at verinice.XP on February 6th and 7th where he wants to give a talk and stays in contact with users, developers and partners.
New team leads are Michael Flürenbrock (Consulting) and Daniel Murygin (Development). Michael also serves as "product owner" for verinice and is the main contact for the verinice roadmap. He welcomes all ideas and recomendations.
A two-part tutorial in English is devoted to "Reporting on Compliance". The new in-memory query assistant is used here. Koderman shows, among other things, how it is possible to link standards with one another without additional effort: For example, you can query how well the standard PCI DSS is implemented - using already existing results based on ISO 27001. The output can be exported in CSV format and imported into programs such as Excel or LibreCalc. Thus, as shown in Part 2 of the tutorial, it is possible to create meaningful and illustrative diagrams.
And if you want to start your ISMS or risk analysis with Excel, we strongly recommend the video "Risk Analysis with Excel: Do not fall into this trap!"
The verinice.TEAM at SerNet has released the open source ISMS tool verinice in version 1.13. An in-memory query wizard, which makes the reporting quicker and easier, as well as the extension of the possibility to connect to other tools (KIX4OTRS, Greenbone, REST API) are new feature highlights. In addition, preparations were made for the data protection for the EU General Data Protection Regulation (EU GDPR).
The most significant change triggered by verinice 1.13 concerns the licensing model. With the new version, the verinice client (single user version) equipped with the full feature set can be ordered directly via the verinice.SHOP for 249.90 Euro (incl. VAT). The verinice manual, which accompanies users when they get to know and work with verinice, is already part of the package. If you want to use verinice with multiple users and server functions, verinice.PRO is the one for you and is available as subscription.
New in the portfolio is verinice.EVAL, a free verinice trial version. verinice.EVAL is also available through the shop and is nearly feature complete to enable a realistic evaluation or use for research purposes. Testers only have to do without the reporting function.
Our new Link Table Report (LTR) makes reporting a lot easier: A query wizard allows users to collect all the information needed directly in verinice. Let's say you need a list of interrelated security controls from different standards. No problem. Or maybe you need a list of assets with risk scenarios and responsible personnel? Also created with just a few mouse clicks. All queries can be exported as CSV and imported directly to Excel or LibreOffice Calc and edited there. This is how the reports that are needed right now are generated – and they can be changed and designed in any way. The best thing is that all queries – including complex link structures and thousands of objects – are processed quickly and usually in a few seconds.
Other new features are designed to make your life – or at least your daily ISMS routine – a little easier. For example, links between the IT Baseline Protection view and the ISM view are possible now, risk analysis' can be duplicated for further target objects (including all intermediate steps), and file attachments can be copied together with objects at the same time. We have implemented a lot of this as requested by customers, tagged as "Quality of Life optimization".
In collaboration with c.a.p.e. IT verinice teams up IT service management (ITSM) and ISMS: verinice 1.13 makes it possible to link verinice.PRO and the ITSM tool KIX4OTRS. For example, OTRS tickets can be enriched with information on the processing of verinice objects – and if the ticket is successfully processed, the changed information can be stored in the verinice database. Configuration items from KIX4OTRS can now also be transferred to the verinice asset database. For specific integration projects, SerNet and c.a.p.e IT are happy to provide advice and support.
verinice plays together nicely with the vulnerability scanner from Greenbone / OpenVAS for efficient vulnerability management. With verinice 1.12, the verinice team has already introduced the Greenbone Perspective – verinice 1.13 now also simplifies the configuration of this link.
Both collaborations point to the openness of verinice. This idea is followed through by a new REST web service in verinice 1.13 which creates various possibilities for linking verinice.PRO to other software tools. Naturally, all requests for this new interface are also subject to the existing authentication and authorization mechanisms.
The release notes contain details on verinice 1.13. A new privacy package for verinice and video tutorials will be released shortly.