Last week, a critical vulnerability in the widely used logging library log4j 2 became known. The log4j versions included in the verinice.PRO server are not affected by the vulnerability!

The vulnerability is described in this article, among others: Log4Shell: RCE 0-day exploit found in log4j 2, a popular Java logging package and has the CVS number CVE-2021-44228 erhalten.

For more information, see the article in our verinice forum: https://forum.verinice.com/t/verinice-nicht-betroffen-von-log4…

Update (December 15th, 2021): Due to the current Corona developments, the organising team has decided to hold the verinice.XP 2022 as an online event. Participation in the digital conference is free of charge. 

The next verinice.XP will take place from February 22 & 23, 2022 – again on site in Berlin at the Radisson Blu Hotel. Organizer SerNet is looking forward to the direct exchange and meeting of the verinice community.

Early Bird tickets at a price of 399 euros are already available on the…

Version 1.23.1 of verinice is now available for download in the verinice.SHOP.

This update for verinice fixes an error when copying objects. In the single-user version of verinice 1.22.2 and 1.23, the function "Copy with links" could not be executed. Calling up the function is possible again in version 1.23.1.

verinice.PRO was not affected by the error. In the operating mode "Server", the function "Copy with links" can also be executed without errors in older versions. Therefore, no new…

From now on verinice and verinice.PRO version 1.23 are available for  download in verinice.SHOP or in customer repository respectively. The verinice.TEAM delivers with verinice 1.23 more than 30 new features, detail changes and bug fixes. These are described in detail in the release notes.

Among other things, verinice 1.23 now uses Java 11, and the Java Runtime Environment (JRE) from Adoptium (formerly AdoptOpenJDK) shipped with the client has been updated to the latest version. For this,…

The date for the fall release of verinice is getting closer: Version 1.23 will be released in KW 40 (Oct. 4-8, 2021).

Users can look at the planned features for upcoming versions in the verinice.FORUM under "Roadmap". They can also suggest new features there or discuss specifications for already suggested features with the team as well as other verinice users.

The release of verinice 1.23 is scheduled shortly before it-sa. The IT security trade fair will be held in Nuremberg from October 12 to…

2021 is it-sa-year again! From October 12 to 14, the trade fair on IT security will take place again in Nuremberg after a one-year break. In Hall 7a, Booth 326 the verinice.TEAM of SerNet GmbH will be present together with the verinice partners Cassini, SILA Consulting and c.a.p.e. IT. 

Colleagues from SerNet as well as the partner companies will be available to talk about verinice. The partners will also inform about their own range of services such as the setup of a management system for…

version 1.22.2 of verinice and verinice.PRO is now available for download in the verinice.SHOP or in the customer repository. verinice 1.22.2 (Release Notes) is a security update. The verinice.TEAM recommends all users to apply the available patch as soon as possible.

With verinice 1.22.2 the team fixes a vulnerability, details are described in the Security Advisory. The official CVE ID is CVE-2021-36981. We would like to especially thank Frank Nusko (Secianus GmbH), who found the vulnerability…

As of now, the verinice.TEAM provides the BSI published Benutzerdefinierte Bausteine for use in verinice free of charge. They can be ordered and downloaded from the verinice.SHOP. 

Users of IT-Grundschutz have the opportunity to contribute their expertise to IT-Grundschutz by creating so-called Benutzerdefinierte Bausteine (user defined building block). To do this, an institution picks out a topic or partial aspect for which no IT-Grundschutz building block has yet been published and on which…

The IT Baseline Protection Profile for control centers is now available for use in verinice ( as of version 1.22). The Baseline Protection Profile is published by the Fachverband Leitstellen e.V. – in German only – and can now be directly integrated into verinice. It is available free of charge via the verinice.SHOP.

The IT Baseline Protection Profile for Control Centers helps users to install an information security process in a control center and to adapt it to the corresponding requirements.…

The verinice.TEAM has published the additional module verinice PCI DSS. This requirements catalog maps the Payment Card Industry Data Security Standard (PCI DSS) in verinice. The module can be used with verinice starting with version 1.22 in the ISM perspective. It is available to purchase in the verinice.SHOP. 

About the module verinice PCI DSS

The module verinice PCI DSS enables tool-supported verification of compliance with PCI DSS requirements. Requirements from other standards or laws…