Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

News & Updates

December 20, 2016
Federal Register Number: 2016-30615

NIST solicits nominations for candidate algorithms to be considered for public-key post-quantum standards. Submission requirements and evaluation criteria are available at https://www.nist.gov/pqcrypto. Proposals must be...

December 12, 2016

Special Publication 800-179 aims to assist IT professionals in securing Apple OS X 10.10 desktop and laptop systems within various environments. It provides detailed information about the security features of OS X 10...

November 21, 2016

NIST invites comments on Draft NIST SP 800-187, Guide to LTE Security. Cellular technology plays an increasingly large role in society as it has become the primary portal to the Internet for a large segment of...

November 15, 2016

NIST announces the release of Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. ...

November 14, 2016

NIST released NISTIR 7621 Revision 1, Small Business Information Security: The Fundamentals. NIST developed this interagency report as a reference guideline about cybersecurity for small businesses...

November 2, 2016

NIST is pleased to release the draft NICE Cybersecurity Workforce Framework (NCWF) - a reference resource that will allow our nation to more effectively identify, recruit, develop and maintain its cybersecurity talent...

October 17, 2016

Special Publication 800-53 Revision 5 Status Update

October 17, 2016

NIST announces the release of Draft Special Publication 800-121 Revision 2 Guide to Bluetooth Security. This draft is the second revision to NIST SP 800-121, Guide to Bluetooth Security. Updates in this revision...

October 5, 2016

Special Publication 800-178, A Comparison of ABAC Standards for Data Service Applications: XACML and NGAC and Special Publication 800-150, Guide to Cyber Threat Information Sharing ...

October 4, 2016

NIST invites comments on Draft NIST Interagency Report (NISTIR) 8151, Dramatically Reducing Software Vulnerabilities -- Report to the White House Office of Science and Technology Policy.

October 3, 2016

DRAFT NISTIR 8149, Developing Trust Frameworks to Support Identity Federations is now available for public comment - (click link above to go to the CSRC Draft Publications page to learn more about this draft &...

September 30, 2016

DRAFT NISTIR 8138, Vulnerability Description Ontology (VDO): a Framework for Characterizing Vulnerabilities; aims to describe a more effective and efficient methodology for characterizing vulnerabilities found in ...

September 28, 2016
Federal Register Number: 2016-23338

The Information Security and Privacy Advisory Board (ISPAB) will meet October 26-28, 2016. All sessions will be open to the public.

September 22, 2016

NIST announces the release of the final draft of Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. 

September 19, 2016
Federal Register Number: 2016-21813

Open Meeting of the Commission on Enhancing National Cybersecurity

September 15, 2016

NIST has released a draft of the Baldridge Cybersecurity Excellence Builder, a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts. 

September 13, 2016

The National Cybersecurity Center of Excellence (NCCoE) has posted a draft Project Description on the topic of Authentication for Law Enforcement Vehicle Systems. 

September 12, 2016

NIST released DRAFT NISTIR 8144, Assessing Threats to Mobile Devices & Infrastrucutre: the Mobile Threat Catalogue. The Mobile Threat Catalogue outlines a catalogue of threats to mobile devices and associated...

September 7, 2016

A draft manufacturing implementation of the Cybersecurity Framework ("Profile") has been developed to establish a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals...

August 26, 2016

See NIST's Public Affairs press release to read this announcement. The next ISPAB meeting will be October 26, 27 and 28, 2016, at NIST Campus.

August 25, 2016

NIST Requests Comments on a Draft Special Publication regarding the De-Identification of Government Datasets 

August 23, 2016

These documents are intended to provide guidance to the Federal Government for using cryptography and NIST’s cryptographic standards to protect sensitive, but unclassified digitized information during transmission and...

August 16, 2016

Draft Special Publication 800-171, Revision 1, represents a limited update to the original publication released in June 2015. In particular, this update includes...

August 11, 2016

Draft NIST Interagency Report (NISTIR) 8114, Report on Lightweight Cryptography is now available for public comment. NIST-approved cryptographic standards were designed to perform well using general-purpose...

August 11, 2016

NIST is proud to announce the release of Special Publication 800-182, 2015 Computer Security Division Annual Report. This annual report provides major highlights and accomplishments that the NIST Computer...

August 10, 2016
Federal Register Number: 2016-18948

The Commission on Enhancing National Cybersecurity requests information about current and future states of cybersecurity in the digital economy.

August 5, 2016

The new SP 800-73-4-based Test Runner has been released

August 5, 2016

NIST Released 5 Publications During Week of August 1-5, 2016: ...

August 2, 2016
Federal Register Number: 2016-18150

NIST is requesting comments on a proposed process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. Comments are due September 16, 2016.

July 28, 2016

NIST announces the release of Special Publication (SP) 800-183, Networks of ‘Things’. SP 800-183 offers an underlying and foundational understanding of the Internet of Things (IoT) based on the realization that...

July 18, 2016

NIST invites comments on two draft publications on the Security Content Automation Protocol (SCAP). The first is Special Publication 800-126 Revision 3, The Technical Specification for the Security Content...

July 15, 2016
Federal Register Number: 2016-16742

The Commission on Enhancing National Cybersecurity will meet Tuesday, August 23, 2016, from 9:00 a.m. until 5:00 p.m. Central Time at the University of Minnesota's TCF Bank Stadium-DQ Club Room.

July 5, 2016
Federal Register Number: 2016-18150

The National Institute of Standards and Technology (NIST) is requesting comments on a proposed process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms.

July 5, 2016
Federal Register Number: 2016-15790

The Commission on Enhancing National Cybersecurity will meet Thursday, July 14, 2016, from 9:00 a.m. until 5:00 p.m. Central Time at the Hilton University of Houston. 

June 23, 2016

NIST invites comments on Draft Special Publication 800-179, Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist. This publication assists IT professionals in...

June 9, 2016

NIST published a summary of observations from Cybersecurity Framework Workshop 2016 held at NIST in Gaithersburg, Maryland on 6 and 7 April 2016. The summary highlights areas of agreement between workshop...

June 7, 2016

NIST announces the release of Special Publication (SP) 800-166, Derived PIV Application and Data Model Test Guidelines. SP 800-166 contains the derived test requirements and test assertions for testing the...

June 6, 2016

NIST is proud to announce the release of Draft Special Publication 800-184, Guide for Cybersecurity Event Recovery. The purpose of this document is to support federal agencies in a technology-neutral way in...

June 3, 2016
Federal Register Number: 2016-13096

The Commission on Enhancing National Cybersecurity will meet Tuesday, June 21, 2016, from 8:30 a.m. until 5:00 p.m. Pacific Time at the University of California, Berkeley in the Chevron Auditorium at the International House.

June 1, 2016
Federal Register Number: 2016-12860

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for the Data Integrity Building Block.

June 1, 2016

NIST is proud to announce the release of NISTIR 8135, Identifying and Categorizing Data Types for Public Safety Mobile Applications: Workshop Report...

June 1, 2016

NIST is pleased to announce the release of DRAFT NISTIR 8136, Mobile Application Vetting Services for Public Safety. The creation of the nation's first public safety broadband network (FirstNet) will require the...

May 23, 2016

NIST is pleased to announce the release of Special Publication 800-156, Representation of PIV Chain-of-Trust for Import and Export. The document provides the data representation of a chain-of-trust record for the...

May 19, 2016
Federal Register Number: 2016-11775

Pursuant to the Federal Advisory Committee Act, as amended, 5 U.S.C. App., notice is hereby given that the Information Security and Privacy Advisory Board (ISPAB) will meet…

May 11, 2016

NIST is proud to announce a public preview of Special Publication 800-63-3: Digital Authentication Guideline, which is currently in development. This preliminary draft contains new changes based on what we...

May 6, 2016
Federal Register Number: 2016-10652

The Commission on Enhancing National Cybersecurity (the “Commission”) will meet Monday, May 16, 2016, from 9:00 a.m. until 4:00 p.m. Eastern Time in Vanderbilt Hall at the New York University (NYU) School of Law

May 4, 2016

NIST announces the release of second draft Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. ...

April 28, 2016

NIST is pleased to announce the release of NIST Interagency Report (NISTIR) 8105, Report on Post-Quantum Cryptography. NIST Public Affairs Office issued a press release in regards to announcing the...

April 27, 2016

NIST has published NIST Interagency Report (NISTIR) 8040, Measuring the Usability and Security of Permuted Passwords on Mobile Platforms. Password entry on mobile devices significantly impacts both usability and...

April 26, 2016

A new chair, Christopher Boyer, was appointed to the National Institute of Standards and Technology (NIST) Information Security and Privacy Advisory Board (ISPAB). ...

April 25, 2016

NIST is pleased to announce the release of NIST Interagency Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. This report provides an overview of the...

April 21, 2016

NIST requests comments on the Second Draft of Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing. This draft provides guidelines for establishing, participating in, and maintaining cyber...

April 21, 2016

NIST announces the final release of the best practices guide for privileged user PIV authentication. The paper is in response to the Office of Management and Budget (OMB)’s October 2015 Cybersecurity Strategy and...

April 13, 2016

NIST invites comments on the second draft of Special Publication (SP) 800-90C, Recommendation for Random Bit Generator (RBG) Constructions. This Recommendation specifies constructions for the implementation of RBGs...

April 13, 2016

Special Publication (SP) 800-85A-4 provides derived test requirements and test assertions for testing PIV Middleware and PIV Card Applications for conformance to specifications in SP 800-73-4,...

April 12, 2016

NIST requests comments on Draft NIST Internal Report (NISTIR) 8071, LTE Architecture Overview and Security Analysis. Cellular technology plays an increasingly large role in society as it has become the primary portal...

April 7, 2016
Federal Register Number: 2016-07954

The Commission on Enhancing National Cybersecurity will meet Thursday, April 14, 2016, from 1 p.m. until 4 p.m. Eastern Time. 

April 5, 2016

NIST requests comments on Draft Special Publication (SP) 800-175A, Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies. The SP 800-175 publications are...

March 31, 2016

NIST announces the release of NIST Interagency Report (NISTIR) 7977,Cryptographic Standards and Guidelines Development Process. This document describes the principles, processes and procedures behind our cryptographic...

March 29, 2016

NIST requests comments on the second draft of Special Publication (SP) 800-177, Trustworthy Email. This draft is a complimentary guide to NIST SP 800-45 Guidelines on Electronic Mail Security and covers protocol...

March 29, 2016

NIST is pleased to announce the release of Special Publication 800-38G, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption. This publication specifies and approves...

March 14, 2016

NIST requests public comments on two draft Special Publications (SPs) on telework and BYOD security: Draft SP 800-46 Revision 2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security...

March 14, 2016

NIST requests public comments on draft Special Publication (SP) 800-154, Guide to Data-Centric System Threat Modeling. Data-centric system threat modeling is a form of risk assessment that models aspects of the attack...

March 11, 2016

NIST requests comments on Special Publication 800-175B,Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms. ...

March 7, 2016

NIST announces the release of final version of NIST Special Publication 800-125B, Secure Virtual Network Configuration for Virtual Machine (VM) Protection. VMs constitute the primary resource to be protected in a...

February 24, 2016
Federal Register Number: 2016-03905

Pursuant to the Federal Advisory Committee Act, as amended, 5 U.S.C. App., notice is hereby given that the Information Security and Privacy Advisory Board 

February 23, 2016

Recognizing the importance of maintaining the relevance and currency of Special Publication (SP) 800-53, NIST will update Revision 4 to Revision 5 during calendar year 2016 beginning with this pre-draft ...

February 19, 2016

The comment period for Draft Special Publication 800-116 Revision 1 has been extended, and now closes at 5:00 EST (US and Canada) on March 1, 2016

February 18, 2016

NIST requests public comments on DRAFT SP 800-180, NIST Definition of Microservices, Application Containers and System Virtual Machines. This document serves to provide a NIST-standard definition to application...

February 17, 2016

On January 12-13, 2016 the Applied Cybersecurity Division (ACD) in the National Institute of Standards and Technology’s (NIST) Information Technology Laboratory hosted the “Applying Measurement Science in the Identity...

February 16, 2016

NIST requests public comments on DRAFT NISTIR 8063, Primitives and Elements of Internet of Things (IoT) Trustworthiness. This report describes research on creating a vocabulary, namely primitives and elements...

February 12, 2016
Federal Register Number: 2016-02860

The National Institute of Standards and Technology (NIST) is extending the period for submitting comments relating to the “Framework for Improving Critical Infrastructure Cybersecurity” 

February 9, 2016

 the CMVP has removed cryptographic modules implementing RNG from the FIPS 140-2 validation list as of 1/1/16.

February 8, 2016

Draft SP 800-166 contains the derived test requirements and test assertions for testing the Derived PIV Application and associated Derived PIV data objects. The tests verify the conformance of these artifacts to the...

February 5, 2016

This draft white paper is a best practices guide. The paper is in response to the Cybersecurity Strategy and Implementation Plan (CSIP), published by the Office of Management and Budget (OMB) ...

February 3, 2016

NIST requests public comments on DRAFT NISTIR 8105, Report on Post-Quantum Cryptography. In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum ...

February 2, 2016

The National Institute of Standards and Technology (NIST) is pleased to announce the initial public draft release of NIST Internal Report (NISTIR) 8011, Automation Support for Security Control Assessments, ...

January 28, 2016

NIST announces the completion of Special Publication (SP) 800-57, Part 1 Rev. 4, Recommendation for Key Management, Part 1: General. This Recommendation provides ...

January 28, 2016

NIST announces the final release of NISTIR 7511 Revision 4, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements. ...

January 27, 2016

NIST announces the second draft of Special Publication (SP) 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation. This Recommendation specifies the design principles and requirements for...

January 25, 2016
Federal Register Number: 2016-01344

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for the Wireless Medical Infusion Pumps use case for...

January 22, 2016

NIST announces the final release of NIST Interagency Report (NISTIR) 8055, Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research. ...

January 21, 2016

Addressing the nation’s rapidly increasing need for cybersecurity employees, the National Initiative for Cybersecurity Education (NICE) is seeking members from the public and private sectors and ...