Glossary terms and definitions last updated: March 14, 2025
This Glossary is an aggregation of terms and definitions specified in NIST's cybersecurity and privacy standards, guidelines, and other technical publications, and in CNSSI 4009. These should not be viewed as "official" or "preferred" definitions for a particular subject area, sector, or industry, with the exception that some definitions are cited directly from U.S. laws, the Code of Federal Regulations, Presidential Directives, etc.
Each term-definition pair must be understood within the context of its Source document, to which readers should refer. Because of this, many terms have multiple, varying definitions that reflect the different contexts of various publications written at different times.
For more background about this Glossary, see NISTIR 7298 Rev. 3.
Download the Glossary in JSON format (updated daily at 6:15 pm ET; see metadata).
* "Relevance" merely indicates the search engine's score for a document. It is based on the search parameters and information in the document's detailed record.