verinice ist ein ISMS-Tool für das Management von Informationssicherheit. Die Software wird unter der Lizenz GPLv3 zum freien Download als OpenSource-Software kostenfrei bereit gestellt.
verinice unterstützt die Betriebssysteme Windows, Linux und MacOS und hat die Grundschutzkataloge des BSI lizenziert.
The project provides extensions to Hibernate to provide complete auditing capabilities. It uses a set of tables in the DB that do not depend on the object model
A common requirement in developing enterprise applications is to ensure audit logs are available for data security and traceability–who made the changes, when they were made, and what files or sections were changed. This requirement is not only dictated by corporate IT policies, but also required by government laws. Considering that most enterprise applications have at least 50 domain objects, implementing audit logs on each of them can be time-consuming. So, a generic solution must be established to minimize coding when creating audit logs.
Many enterprise business applications have such requirements that they should log their users' operations; who performs and when, records that are inserted into, deleted from database, or are changed during those operations, with a meaningful description about current state of those records. Hibernate already provides an interceptor mechanism at SessionFactory level. Hibernate fires events indicating new records are inserted, old ones are deleted, detection of updates, and other events related with transaction status, session flush etc. By that way one can easily track changes on persistent entities in his application.
The SOBF Tool is an Information Security Risk Analysis and Management tool. It is the reference implementation of the SOMAP.org Guide and follows the risk analysis workflow as described in the Guide.
The SOBF Tool is currently in development and there are public preview downloads from time to time. Please see below under Status/Download for further details.