You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Here’s how you know
Official websites use .gov A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
Glossary terms and definitions last updated: February 7, 2025
This Glossary is an aggregation of terms and definitions specified in NIST's cybersecurity and privacy standards, guidelines, and other technical publications, and in CNSSI 4009. These should not be viewed as "official" or "preferred" definitions for a particular subject area, sector, or industry, with the exception that some definitions are cited directly from U.S. laws, the Code of Federal Regulations, Presidential Directives, etc.
Each term-definition pair must be understood within the context of its Source document, to which readers should refer. Because of this, many terms have multiple, varying definitions that reflect the different contexts of various publications written at different times.
Cite the source publication, not this website. As our documents are published and withdrawn, the terminology on these web pages will change. When citing terms and definitions, we encourage you to cite the source publication for the authoritative terminology and to understand it in its proper context. Many terms on this website have different definitions, from multiple publications.
Public input. We invite public comments—including terminology suggestions—on our draft publications and welcome your contributions.
* "Relevance" merely indicates the search engine's score for a document. It is based on the search parameters and information in the document's detailed record.
