For 20 years, the Computer Security Resource Center (CSRC) has provided access to NIST's cybersecurity- and information security-related projects, publications, news and events. CSRC supports stakeholders in government, industry and academia—both in the U.S. and internationally.
SSDF v1.1: Draft SP 800-218 Available for CommentSeptember 30, 2021 Draft NIST Special Publication (SP) 800-218, "Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities," is open for comment through Nov. 5, 2021.
Updated Mapping Between NIST CSF and NERC CIP StandardsSeptember 29, 2021 This white paper highlights a recent mapping effort between the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards and the NIST Cybersecurity Framework.
DevSecOps for Microservices-based App: Draft SP 800-204CSeptember 29, 2021 NIST has released Draft NIST Special Publication (SP) 800-204C, "Implementation of DevSecOps for a Microservices-based Application with Service Mesh." The public comment period is open through November 1, 2021.