News & Updates

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.

The National Cybersecurity Center of Excellence has released Draft NIST Cybersecurity Practice Guide (SP 1800-27), "Securing Property Management Systems," for public comment. The comment period closes on October 28, 2020.

NIST announces the publication of "NIST Cloud Computing Forensic Science Challenges," NISTIR 8006.

NIST has published Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems."

NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment.  The comment period is open through August 31, 2020.

NIST is pleased to announce the release of OSCAL 1.0.0 Milestone 3. This is the third official milestone pre-release of .....

NIST announces the publication of SP 800-204A, "Building Secure Microservices-based Applications Using Service-Mesh Architecture."

A draft NIST Cybersecurity White Paper is available for comment: "Hardware-Enabled Security for Server Platforms." The public comment period is open through June 2, 2020.

NIST has released Draft Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems," for public comment. The comment period is open through May 15, 2020.

NIST has published NIST SP 800-204, Security Strategies for Microservices-based Application Systems.

NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....

NIST announces the publication of NISTIR 8221, "A Methodology for Enabling Forensic Analysis Using Hypervisor Vulnerabilities Data."

NIST is releasing Draft Special Publication (SP) 800-204, "Security Strategies for Microservices-based Application Systems." Public comments are due by April 26, 2019.

The NCCoE seeks comments on Volume B ("Approach, Architecture, and Security Characteristics") of Draft SP 1800-19, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments. Comments are due by January 11, 2019.

The National Cybersecurity Center of Excellence (NCCoE) at NIST is seeking comments on a draft project description, Securing Telehealth Remote Patient Monitoring Ecosystem: Cybersecurity for the Healthcare Sector. Comments are due by December 21, 2018.

The NCCoE seeks comments on Volume B ("Approach, Architecture, and Security Characteristics") of Draft SP 1800-19, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments. Comments are due by January 11, 2019.

NIST has released Draft NIST Internal Report (NISTIR) 8221, which analyzes recent vulnerabilities associated with two open-source hypervisors--Xen and KVM--as reported by the NIST National Vulnerability Database. The public comment period closes Friday, October 12, 2018.

NIST has released a preliminary draft of NIST Special Publication 1800-19A, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments (Executive Summary).

Ensuring the Security of Virtualized Server Platforms Against Potential Threats: NIST Releases Draft Special Publication 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms

An increasing number of people and organizations are using smart, interconnected devices, which form....

NIST has published SP 800-125A, Security Recommendations for Hypervisor Deployment on Servers.

NIST announces the release of NIST Interagency Report (NISTIR) 8176, Security Assurance Requirements for Linux Application Container Deployments

NIST Announces the Final Release of Special Publication (SP) 800-190, Application Container Security Guide

Application Containers are slowly finding adoption in enterprise IT infrastructures. To address security concerns associated with deployment of application container platforms, NIST Special Publication 800-190 (2nd Draft), Application Container Security Guide, identified security threats

NIST requests public comments on DRAFT SP 800-180, NIST Definition of Microservices, Application Containers and System Virtual Machines. This document serves to provide a NIST-standard definition to application containers, microservices ...