verinice is a tool for managing information security.
Clone or download
murygin Merge pull request #497 in ISMS/verinice from bugfix/vn-2110-to-maste…
…r-web-multi-option-depends to master

* commit 'ad5259dfc3e37090b37b7cdc7e7c890f44d83692':
  prevent the menu from close when select
  enable depend behavior
Latest commit 5a56c47 May 24, 2018
Permalink
Failed to load latest commit information.
Verinice-Update-Site Remove every occurence of mysql in verinice files Jun 15, 2016
sernet.gs.db.fragment Switch to Java 8 Compiler Dec 6, 2017
sernet.gs.ehcache.fragment Switch to Java 8 Compiler Dec 6, 2017
sernet.gs.hibernate.fragment Switch to Java 8 Compiler Dec 6, 2017
sernet.gs.log4j.fragment Switch to Java 8 Compiler Dec 6, 2017
sernet.gs.pax_web.fragment Switch to Java 8 Compiler Dec 6, 2017
sernet.gs.reveng store IDs instead of objects where appropriate Mar 1, 2018
sernet.gs.server.feature Change labels and text Jan 24, 2018
sernet.gs.server prevent the menu from close when select May 23, 2018
sernet.gs.service update mapping Apr 13, 2018
sernet.gs.springweb.fragment Switch to Java 8 Compiler Dec 6, 2017
sernet.gs.ui.rcp.main.feature Set 1.16 as version number Apr 4, 2018
sernet.gs.ui.rcp.main Inherit context state before checking richts service Apr 13, 2018
sernet.hui.common introduce ITaggableElement interface for elements that have tags Mar 19, 2018
sernet.hui.server WIP: Introduce Maven Tycho build. Sep 5, 2017
sernet.hui.swtclient treat the edit button as the URLControl's control Mar 8, 2018
sernet.springclient Update dependencies Sep 5, 2017
sernet.verinice.bp.importer add some missing hyphens Jan 26, 2018
sernet.verinice.fei.rcp make it impossible to overwrite the required permission after the Feb 2, 2018
sernet.verinice.fei.service remove some unused fields Feb 23, 2018
sernet.verinice.kerberos globally fix spelling of "occurred" Jan 29, 2018
sernet.verinice.oda.driver.designer Rename directory and files Feb 9, 2018
sernet.verinice.oda.driver Disable secure report execution context by default Apr 3, 2018
sernet.verinice.p2 Modify project files to support SonarLint 2 Apr 18, 2016
sernet.verinice.releng.client.product Fix icon path in product configuration Jan 31, 2018
sernet.verinice.releng.parent Create update site by sernet.verinice.releng.client.product Jan 26, 2018
sernet.verinice.releng.server.product Removed the test resources and minor spelling Sep 5, 2017
sernet.verinice.releng.tp Add proper eclipse target platform spec file Feb 16, 2018
sernet.verinice.report.designer.target Modify project files to support SonarLint 2 Apr 18, 2016
sernet.verinice.report.designer.tycho Create ZIP archive of v.Designer product distribution Sep 5, 2017
sernet.verinice.report.service Add getProtectionDomain and suppressAccess items to report permission… Apr 13, 2018
sernet.verinice.samt.rcp add missing @override annotations Feb 20, 2018
sernet.verinice.samt.service remove unused type specification Mar 21, 2018
sernet.verinice.tycho.parent Modify project files to support SonarLint 2 Apr 18, 2016
target-platform WIP: Introduce Maven Tycho build. Sep 5, 2017
third-party-plugins Refactor sorting of ldap accounts. Jun 19, 2017
update-site Remove every occurence of mysql in verinice files Jun 15, 2016
.gitignore Merge branch 'feature/vn-1201-tycho-instead-of-buckminster' into feat… Sep 26, 2017
.travis.yml Make build compatible with JDK7. Sep 5, 2017
CODINGSTYLE.md Use uppercase for all project description file names. Jan 15, 2016
COPYRIGHT.md Use uppercase for all project description file names. Jan 15, 2016
LICENSE Put license text into root directory. Jan 15, 2016
README.md Add target platform section to README Feb 16, 2018

README.md

verinice

verinice helps you to build and operate your management system for information security (ISMS). Whether you base it on ISO 27001, BSI IT Baseline Protection, IDW PS 330 or another standard: verinice supports you in your daily work as a CISO or IT Security Officer.

All relevant standards are either already integrated in the tool or can be easily imported. All data is stored in an object model that is tailored to the requirements of information security and is dynamically expandable. This makes your data the basis for a sustainable IS process.

Eclipse Rich Client Platform

verinice is a Java application. The graphical surface is implemented with the Rich Client Platform (RCP). This makes verinice platform independent while using the native GUI elements of the operating system.

Also part of the Eclipse platform is the BIRT Report Designer. All verinice reports can be customized – and you’re able to design completely new reports which can be exported as PDF, HTML or Excel (CSV) file.

Target Platform

The spec file for the verinice target platform is stored in sernet.verinice.releng.tp. Add this folder as a project.

To build and run your project go to Window > Preferences > Plug-in Development > Target Platform and select 'verinice-platform'

Dynamic Object Model (HitroUI)

The HitroUI Framework is a part of verinice. A simple XML-file defines all fields and field types which appear in the application. So the database data and all displayed forms are generated dynamically.

This dynamic object model allows you to define additional data fields for specific objects as needed or to remove unneeded fields from the standard forms. That is how you can adapt verinice to your working methods and the requirements of your organization.

Databases

By using the object-relational mapper Hibernate, verinice is able to connect with different database systems. The supported database systems are:

  • PostgreSQL
  • Apache Derby
  • Oracle DB

Three-Tier Architecture

verinice uses a three-tier architecture where independent software modules are implemented. A centralized database and an application server provide data to the client.

The verinice.PRO application server complements the pure client with a centralized IS repository hosted in your company. It enables multiple people to work on one ISMS - even across different locations.

Contributing to verinice via GitHub

  • fork our repository on GitHub

  • become familiar with our coding standards and read verinice coding style

  • send a pull request for your branch through GitHub

  • this will trigger an email to the verinice developer mailing list

  • discussion happens on your pull request on github

  • after your pull request is approved, we pull the branch in our internal repository, do the merge there and push it back to the GitHub mirror

How to build

To build the Verinice client, client update site, server and report designer all at once execute the following commands:

  1. cd sernet.verinice.releng.parent
  2. mvn -Dtycho.disableP2Mirrors=true clean verify

To see where the Verinice client, client update site, server and report designer build artifacts can then be found read the following sections.

If you want to skip the junit tests you need to add the -Dmaven.antrun.skip=true parameter.

  1. mvn -Dtycho.disableP2Mirrors=true -Dmaven.antrun.skip=true clean verify

Verinice client

The built artifacts will be located in sernet.verinice.releng.client.product/target/products/. Artifacts for the following platforms will be produced:

  • Linux GTK 32 and 64 bit
  • Windows 32 and 64 bit
  • Mac OS X 64 bit

Verinice client update site

The P2 update site will be located in sernet.verinice.update_site/target/repository.

Verinice server

The WAR file (which can be deployed e.g. to Tomcat) will be located under sernet.verinice.releng.server.product/target/. The WAR file is of course platform independent (in contrast to the Verinice client and report designer builds).

Verinice report designer

The built artifacts will be located in sernet.verinice.report.designer.tycho/target/products/. Artifacts for the following platforms will be produced:

  • Linux GTK 32 and 64 bit
  • Windows 32 and 64 bit
  • Mac OS X 64 bit