One quarter after version 1.18, SerNet delivers important enhancements in version 1.18.1, for which we don't want to keep our customers waiting any longer. All details with explanatory screenshots can be found in the Release Notes for verinice. The date for the autumn release is already fixed. verinice 1.19 will be released in week 46 (11th - 15th November 2019).
Risk Analysis - BSI-Standard 200-3
The verinice.TEAM further simplifies the risk analysis in verinice 1.18.1 according to BSI standard 200-3. Risk assessment and risk treatment are no longer documented in the individual requirements or safeguards but directly in the respective threats.
Users can now evaluate and document the risk directly in the threat with and without additional safeguards before and after any risk treatment for a package of safeguards.
The elimination of the previous documentation per safeguards/requirement and its calculation in the threats reduces the effort considerably. In addition to further bug fixes and detail improvements, the new procedure significantly increases performance.
Reporting
The verinice.TEAM publishes the final versions of the Report Templates for the new IT Baseline Protection, which have already been discussed in the verinice.FORUM in recent weeks, and would like to express its thanks to all testers for their constructive feedback. The new or revised report templates will be released exclusively based on the new LTR technology:
The report templates for the Security Assessments according to VDA ISA / TISAX 4.1.0 can now be generated including the spider web diagrams with SVG support.
With verinice 1.18.1, the report templates Risk Management and Risk Treatment for the ISO/ISM Perspective benefit most from the generation via LTR graph technology - customer tests promise a considerably faster generation of reports.
In addition, all report templates are successively internationalized, each report template file only exists once, and additional language versions are made available by simply adding a translation file.
A small but helpful feature is the option to open reports after creation directly from the confirmation dialog, no searching via the file manager is required.
The report queries themselves have also been optimized through caching and other improvements. In particular, the opening of large LTR datasets in verinice and v.Designer has been significantly accelerated.
Webfrontend
Users of the modernized IT Basic Protection can now access the texts of the IT Baseline Protection Compendium in the web frontend under tasks for requirements, safeguards and threats, which greatly simplifies the implementation of the individual tasks.
Hinweise zum Update
Two important hints for verinice users come with the update:
An automatic update of the clients to versions 1.18 and 1.17 was unfortunately not possible due to a platform change! See our HowTo. The update of the verinice.PRO server to version 1.18 can be done automatically as usua