SerNet News

verinice 1.12: More Vulnerability Management, more Transparency

verinice Welcome Screen

verinice 1.12 is out. The new version of the open source tool for the management of information security (ISMS) is an efficient companion for companies, government agencies, consultants and auditors.  A perspective for working with vulnerability scanners is just one of many new features. verinice is published by SerNet.

verinice 1.12 introduces the Greenbone GSM perspective. This allows an easy start into managing vulnerabilities by intertwining verinice with the vulnerability scanner Greenbone GSM (OpenVAS). Two new tutorials explain step-by-step, how the results of vulnerability scans are imported and processed. When working with an IS-management system according to ISO 27001 the scanned systems and weaknesses can be used in a risk analysis.

verinice.PRO offers additional advantages: The workflow helps in assigning responsibilities and fixing vulnerabilities while in operation mode. An intelligent adjustment ensures that even after repeated scans duplicates are avoided and only fixed vulnerabilities are removed from the risk database.

Another big change: the whole development process moved to <link https: sernet verinice _blank external-link-new-window auf>Github. The verinice source code remains open source – and GitHub helps to make the development more transparent. 

verinice @ GitHub

There are also numerous improvements and bug fixes. More detailed information about features and improvements are listed in the <link http: verinice-support release-notes external-link-new-window release>release notes for verinice 1.12. verinice 1.12 is available at <link http: external-link-new-window von>

verinice SerNet 2016 SerNet

SerNet releases EnterpriseSAMBA 4.2.8 packages

Logo EnterpriseSAMBA

SerNet's EnterpriseSAMBA 4.2.8 has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at the <link https: _blank>EnterpriseSAMBA portal.

These packages address a lot of issues, which are listed in the <link https: samba history samba-4.2.8.html _blank release>release history for Samba 4.2.8.

Please note that SerNet's 4.2 packages and older versions will still be maintained as EnterpriseSAMBA and distributed via <link https: _blank> for free. Users don't even have to register anymore to be able to access the packages, but instead can use a public user. Starting with Samba 4.3 SerNet's packages are published as SAMBA+, available as software subscription. They can be purchased at the SAMBA+ shop. Detailed information and prices are listed at the <link https: _blank>SAMBA+ Shop.

SerNet SAMBA 2016 SAMBA SerNet

sambaXP moves to Berlin – Call for Papers and ticket sales are under way

Logo sambaXP

From May 10th to 12th 2016 the SerNet GmbH and the <link https: external-link-new-window>international Samba Team will host the SAMBA eXPerience. The 15th edition of the conference comes along with an innovation: For the first time Berlin will be the place for developers and users from around the world to meet. Sale of "Early Bird" tickets has started already.

"By moving our long established conference to Berlin, we're experimenting a little and looking forward to it", says Chen-Yu Lin, event manager at SerNet. Additionally the organizing committee meets with a wish expressed by the participants. Lin: "Most of our guests have a long journey ahead of them in order to attend the sambaXP. Berlin makes it easier for them and – as an overall attractive venue – may garner additional interest from new participants." The conference hotel RAMADA Berlin Alexanderplatz (Karl-Liebknecht-Str 32nd , 10178 Berlin) is centrally located and "moreover, it is very close to SerNet's Berlin offices", says Lin.

The "Call for Papers" section at  <link http: external-link-new-window> offers all information about the conference topics and more details. Abstracts can be submitted until February 29th. Technical presentations are welcome as are case studies. The conference language is English. However, the organizing team would be glad to see submissions in German or any other language as well.

"Early Bird" tickets for the two conference days are available at 399 Euros until February 29th. As usual the sambaXP kicks off on Tuesday (May 10th) with a tutorial: Tickets for "Managing Samba 4 as domain controllers and Implementing domain trusts" are priced 450 Euro.

John Terpstra is chairman of the sambaXP 2016 again. He is a founding member of the international Samba Team and highly respected author. 

SerNet SAMBA 2015 SAMBA SerNet

SAMBA+ and EnterpriseSAMBA Security Releases: 4.3.3, 4.2.7 and 4.1.22 packages available


SAMBA+ 4.3.3 and EnterpriseSAMBA 4.2.7 and 4.1.22 have just been released. These are security releases, please update affected systems as soon as possible. The packages are available for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu.

For more information about the security issues visit <link https: external-link-new-window the>

  • <link https: samba history samba-4.3.3.html _blank external-link-new-window release>Samba 4.3.3 release history 
  • <link https: samba history samba-4.2.7.html _blank external-link-new-window release>Samba 4.2.7 release history
  • <link https: samba history samba-4.1.22.html _blank external-link-new-window release>Samba 4.1.22 release history

SAMBA+ 4.3 packages and all later versions are available as software subscription. They can be purchased at the <link https: _blank external-link-new-window the>SAMBA+ shop where detailed information and prices are listed. The subscriptions bought at the SAMBA+ shop are managed at our platform <link https: external-link-new-window subscription management>OPOSSO. Users can activate their subscriptions here and manage access credentials. The new SAMBA+ 4.3.3 packages are included in existing subscriptions.

SerNet's 4.2 packages and older versions will still be maintained as EnterpriseSAMBA and distributed via <link https: external-link-new-window>

for free. Please note that users don't have to register anymore to be able to access the packages, but instead can use a public user.
SerNet SAMBA 2015 SAMBA SerNet

SerNet survey shows: All DAX-30 companies use OSS

Open source software (OSS) is crucial for the German industry - with many sustainable business models and high efficiency for providers and users. But there is still uncertainty, ignorance and difficulty in purchasing or procurement. The easiest way to learn is by example of others - and that is why the SerNet GmbH has launched a survey that examines the spread of open source software in DAX companies. DAX (Deutscher Aktienindex) is the German blue chip stock market index consisting of the 30 major German companies trading on the Frankfurt Stock Exchange. The result: All companies represented here are using open-source software. "We have expected this. But the proof is exciting," says Dr. Johannes Loxen, CEO of SerNet.

Loxen explains how SerNet arrived at the conclusion: "We had three ways to find out whether OSS is used. First, many of the DAX companies are our customers and we know that they use OSS." Secondly, some of the companies are advocates for open source. They provide their own software under an OSS license, are members of initiatives or initiate contests and awards. Loxen: "In the third case we had a close look at the visible OSS use."

The Dax 30: OSS promoters and users

Chen-Yu Lin, PhD (SerNet) conducted the investigation systematically. She divided the companies into three resulting groups: "Active promoters, active users and silent users." SAP, for example, has already contributed many million lines of code to the Eclipse platform and supports numerous Apache projects. "But sponsoring is not expressed solely in code or money," says Lin. The Deutsche Telekom AG e.g. created an publicly accessible Open Source License Compendium (OSLiC) published under Creative Commons license (CC BY-SA 3.0). "The compendium is a useful in-house tool for knowledge sharing, and shines a light on what to consider in various usage scenarios with different open source licenses," says Lin. "The compendiums availability and license will help others using OSS and thus the spread of open source software." Even German automotive industries are investing in OSS according to Lin: BMW runs several OSS projects and is among the active supporters; Daimler announces on its website to have OSS in use and published a 'License Declaration'.

Loxen adds:"When it comes to enterprises open source always plays a more decisive role – without being visible at first sight or boards even being conscious about it. Open source software is a motor for increased efficiency. Nobody gets along without it." License fees are a still valid, but an old argument. "Anybody inquiring safety, continuous improvement and open sources without backdoors as criteria, automatically comes to the conclusion that open source software is the answer."

Consistent, innovative thinking required

Given this central role Loxen calls for more consistency in politics and business: "Open source software has long since been transformed into an economic factor in Germany and Europe. It is time to represent this in procurement and purchasing as well." Existing barriers should be eliminated. "Equal opportunities - that would be a start!"

Further Information and Press Contact: 
Claudia Krell
Tel. +49 551 37 0000 0

SerNet 2015 SerNet