Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects Vulnerability Disclosure Guidelines

Vulnerability Disclosure Guidelines

ISO/IEC 29147 and 30111

ATTENTION: The Project Lead is no longer at NIST. Inquiry responses may be delayed.

 

NIST SP 800-216, Recommendations for Federal Vulnerability Disclosure Guidelines, is based on the policies and processes shown in the figure below. Minimal changes have been made to support vulnerability management at the local and federal levels.

Chart displaying how ISO/IEC 29147 and ISO/IEC 30111 work together to form the basis of addressing vulnerability disclosures.

Contacts

Vulnerability disclosure inquiries
[email protected]

Created February 04, 2021, Updated May 07, 2025