The verinice.TEAM at SerNet has released the open source ISMS tool verinice in version 1.13. An in-memory query wizard, which makes the reporting quicker and easier, as well as the extension of the possibility to connect to other tools (KIX4OTRS, Greenbone, REST API) are new feature highlights. In addition, preparations were made for the data protection for the EU General Data Protection Regulation (EU GDPR).
Now available at shop.verinice.com
The most significant change triggered by verinice 1.13 concerns the licensing model. With the new version, the verinice client (single user version) equipped with the full feature set can be ordered directly via the verinice.SHOP for 249.90 Euro (incl. VAT). The verinice manual, which accompanies users when they get to know and work with verinice, is already part of the package. If you want to use verinice with multiple users and server functions, verinice.PRO is the one for you and is available as subscription.
New in the portfolio is verinice.EVAL, a free verinice trial version. verinice.EVAL is also available through the shop and is nearly feature complete to enable a realistic evaluation or use for research purposes. Testers only have to do without the reporting function.
In-memory query wizard and more convenience
Our new Link Table Report (LTR) makes reporting a lot easier: A query wizard allows users to collect all the information needed directly in verinice. Let's say you need a list of interrelated security controls from different standards. No problem. Or maybe you need a list of assets with risk scenarios and responsible personnel? Also created with just a few mouse clicks. All queries can be exported as CSV and imported directly to Excel or LibreOffice Calc and edited there. This is how the reports that are needed right now are generated – and they can be changed and designed in any way. The best thing is that all queries – including complex link structures and thousands of objects – are processed quickly and usually in a few seconds.
Other new features are designed to make your life – or at least your daily ISMS routine – a little easier. For example, links between the IT Baseline Protection view and the ISM view are possible now, risk analysis' can be duplicated for further target objects (including all intermediate steps), and file attachments can be copied together with objects at the same time. We have implemented a lot of this as requested by customers, tagged as "Quality of Life optimization".
In collaboration with c.a.p.e. IT verinice teams up IT service management (ITSM) and ISMS: verinice 1.13 makes it possible to link verinice.PRO and the ITSM tool KIX4OTRS. For example, OTRS tickets can be enriched with information on the processing of verinice objects – and if the ticket is successfully processed, the changed information can be stored in the verinice database. Configuration items from KIX4OTRS can now also be transferred to the verinice asset database. For specific integration projects, SerNet and c.a.p.e IT are happy to provide advice and support.
verinice plays together nicely with the vulnerability scanner from Greenbone / OpenVAS for efficient vulnerability management. With verinice 1.12, the verinice team has already introduced the Greenbone Perspective – ??verinice 1.13 now also simplifies the configuration of this link.
Both collaborations point to the openness of verinice. This idea is followed through by a new REST web service in verinice 1.13 which creates various possibilities for linking verinice.PRO to other software tools. Naturally, all requests for this new interface are also subject to the existing authentication and authorization mechanisms.
Lars "Lieschen" Müller passed away last night at the age of 46. Lars Müller lived in Göttingen and worked for SUSE in Nuremberg. He was a long term Samba Team member, a good friend of many people at SerNet and a diligent sambaXP participant.
But first of all Lars was a brave, honest and modest person, never afraid of sharing his valuable opinions that always came with great self-irony and reflection. He will be missed and never forgotten.
From October 18th - 20th 2016 Nuremberg (Germany) hosts the annual it security fair it-sa. SerNet, the verinice.TEAM and verinice.PARTNERS will be present at booth 12.0 / 12.0-339.
The verinice.TEAM is accompanied by the verinice.PARTNERS Cassini, SILA Consulting, IT-InfoSec und neam. Together they’ll present verinice in version 1.13 and demonstrate the possibilities of the ISMS tool for ISO 27001, VDA ISA etc. as well as specific scenarios. The partners will also inform about their individual services such as the design, implementation and optimization of a management system for information security, as well as certification and trainings. In addition Greenbone will demonstrate the option to combine verinice and the Greenbone Security Manager to enable efficient vulnerability management.
You want to learn more about verinice or certain functions? You want to know if verinice is the right tool for you? Or just give us feedback on the software? You want to get to know some verinice.PARTNERS and their services? We look forward to welcoming you at our booth. For appointments send us an email to itsa@. sernet.de
Get your visitor ticket for free access to it-sa: Just redeem the voucher code A333700 at http://www.it-sa.de/voucher/. With a visitor ticket you’ll be able to explore it-sa on any day starting at 9am.
The 1st Summit of the Free Software Foundation Europe (FSFE) will be held September 2nd - 4th at the BCC Berlin. Kicking off on Thursday (Sep. 2nd) with the motto "Let's talk about business" various business models and experiences around Free Sofware will be discussed. Dr. Johannes Loxen, CEO of SerNet, will be on of the speakers on this day with a lecture on OPOSSO, a new platform for Subscription Management.
At 4:15 p.m. Loxen introduces the free software project OPOSSO, published by SerNet and under AGPLv3. OPOSSO is a platform for the management of subscriptions and makes it easier for developers to establish a sustainable business model on subscription basis. OPOSSO automates the handling of high subscriber numbers, start and end dates of the subscriptions and the combination with web stores and software repositories. It follows the premise that the lower the price for the subscription is, the more the subscription process itself must be automated.
OPOSSO won the silver OSBAR 2015 – the Open Source Business Award of the OSB Alliance. In addition, the project can be observed live at https://oposso.samba.plus.
The FSFE Summit will bring together FSFE members and supporters from all over Europe. The Summit is organized as subconference of the QtCon which combines five free software Communites and projects under one roof: Qt Contributors, VideoLAN, KDAB, KDE – and FSFE.
SerNet launched OPOSSO - the OPensOurceSubScriptionpOrtal last year. OPOSSO is in use i.a. as a platform to manage the subscriptions for our own SAMBA+ packages. The source code is publicly available now, the software is licensed under the AGPLv3.
OPOSSO is a free subscription management portal for the marketing of (open source) software: In the past, open source developers who wanted to sell their software project as subscriptions quickly realized that there is no free solution for subscription management, that supports managing passkeys bought via an online store. OPOSSO provides a remedy. Unfortunately the currently available proprietary solutions from Red Hat or SUSE are not disclosed and are unsuitable for smaller projects. The system manages software subscription credentials and runtimes in interaction with a webshop.
SerNet developed the idea for OPOSSO in 2014 and implemented it in a joint venture with beclever.
Visit the OPOSSO repository:https://github.com/oposso-team/oposso