U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

DevSecOps

Publications

The following NIST-authored publications are directly related to this project.

Series & Number Title Status Released
White Paper (Draft) [Project Description] Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps Draft 07/21/2022
SP 800-207 Zero Trust Architecture Final 08/11/2020
SP 800-204A Building Secure Microservices-based Applications Using Service-Mesh Architecture Final 05/27/2020
White Paper NIST CSWP 14 ipd (Draft) Hardware-Enabled Security for Server Platforms: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases Draft 04/28/2020
White Paper NIST CSWP 13 Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) Withdrawn 04/23/2020
SP 800-160 Vol. 2 Developing Cyber Resilient Systems: A Systems Security Engineering Approach Withdrawn 11/27/2019
SP 800-204 Security Strategies for Microservices-based Application Systems Final 08/07/2019
SP 800-125A Rev. 1 Security Recommendations for Server-based Hypervisor Platforms Final 06/07/2018
SP 800-160 Vol. 1 Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems Final 03/21/2018
SP 800-190 Application Container Security Guide Final 09/25/2017
SP 800-125B Secure Virtual Network Configuration for Virtual Machine (VM) Protection Final 03/07/2016
SP 800-40 Rev. 3 Guide to Enterprise Patch Management Technologies Withdrawn 07/22/2013
SP 800-125 Guide to Security for Full Virtualization Technologies Final 01/28/2011
Created October 21, 2020, Updated September 07, 2022