U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Computer Security Resource Center

Computer Security Resource Center

For 20 years, the Computer Security Resource Center (CSRC) has provided access to NIST's cybersecurity- and information security-related projects, publications, news and events.   CSRC supports stakeholders in government, industry and academia—both in the U.S. and internationally.

In this major update to CSRC:

 

Recent News

NIST Revises Guidance for Developing Cyber-Resilient Systems December 9, 2021
NIST announces the release of a major update to Special Publication (SP) 800-160 Volume 2, Revision 1, "Developing Cyber-Resilient Systems: A Systems Security Engineering Approach."
NCCoE Releases Draft Project Description for IPv6 Transition December 9, 2021
The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Secure IPv6-Only Implementation in the Enterprise.
Combination Frequency Differencing: Draft NIST Cybersecurity White Paper December 6, 2021
A draft NIST Cybersecurity White Paper, Combination Frequency Differencing, is now available for public comment.
NIST Updates IoT Cybersecurity Guidance and Accompanying Catalog November 29, 2021
NIST has released final IoT-specific guidance (NIST Special Publications 800-213 and 800-213A) to federal organizations to support extending their risk management process to the inclusion of IoT devices in federal systems.
Enterprise Patch Management: Draft Publications Available for Comment November 17, 2021
Two draft publications on enterprise patch management are available for public comment through January 10, 2022: Draft SP 800-40 Rev. 4 and Draft SP 1800-31.

View All News

Upcoming Events

NCCoE Virtual Workshop on the Cybersecurity of Genomic Data January 26, 2022
Genomic data are central to basic science research, pharmaceutical drug and vaccine development, disease diagnosis and prediction, ancestry tracing, and forensic investigations. These applications require information fidelity...
DevSecOps and ZTA for Cloud-Native Applications - Third Annual Multi-Cloud Conference and Workshop (virtual) January 26, 2022 - January 27, 2022
This year’s Multi-Cloud Conference co-hosted by NIST and Tetrate will focus on DevSecOps and ZTA as foundational approaches to development, deployment, and operational phases for achieving high-assurance cloud-native...
3rd Open Security Controls Assessment Language (OSCAL) Workshop March 1, 2022 - March 2, 2022
The National Institute of Standards and Technology will be hosting on Tuesday, March 1st, and Wednesday, March 2nd, 2022, the third workshop in the series focusing on the Open Security Controls Assessment Language (OSCAL)....
Lightweight Cryptography Workshop 2022 May 9, 2022 - May 11, 2022
NIST will host the Fifth Lightweight Cryptography Workshop (virtual) on May 9-11, 2022, to discuss various aspects of the finalists and to obtain valuable feedback for the standardization of lightweight cryptographic...

View All Events