vulnerability management

Share to Facebook Share to Twitter

Vulnerabilities are "weaknesses in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source." [SP 800-37 Rev. 2, Appendix B]

Related Projects

Bugs Framework BF
[Redirect to: https://samate.nist.gov/BF/] The Bugs Framework (BF) organizes software weaknesses...

Cybersecurity Supply Chain Risk Management C-SCRM
NEW! Request for Information | Evaluating and Improving NIST Cybersecurity Resources: The NIST...

DevSecOps
NCCoE DevSecOps project has launched! The NIST NCCoE has launched a new project, Software Supply...

National Checklist Program NCP
NIST maintains the National Checklist Repository, which is a publicly available resource that...

Ransomware Protection and Response
Thanks for helping shape our ransomware guidance! We've published the final NISTIR 8374,...

View All Projects

Related Events

Cyber Supply Chain Risk Management (C-SCRM): Validating the Integrity of Server and Client Devices
September 10, 2019
On Tuesday, September 10, 2019, NIST’s National Cybersecurity Center of Excellence Supply Chain...

Security Content Automation Protocol Version 2 Introductory Teleconference
October 4, 2018
We are pleased to announce that a teleconference introducing the SCAP Version 2 effort has been...

View All Events

Related News

Federal Vulnerability Disclosure Guidelines: NIST SP 800-216
May 24, 2023
Internal and external reporting of security vulnerabilities in software and information systems...

NIST releases NIST IR 8409: Measuring the CVSS Base Score Equation
November 15, 2022
NIST has published NIST Internal Report (IR) 8409, Measuring the Common Vulnerability Scoring System...

Submit Comments on NIST SP 1800-34 Initial Public Draft
June 23, 2022
The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of...

NIST Releases Draft IR 8409
June 8, 2022
Today, NIST is seeking public comments on NIST IR 8409 ipd (initial public draft), Measuring the...

NIST Released 2 Enterprise Patch Management SPs
April 6, 2022
NIST's National Cybersecurity Center of Excellence (NCCoE) has released two new final publications...

View All News

Related Publications

Recommendations for Federal Vulnerability Disclosure Guidelines
SP 800-216
May 24, 2023
Final

Validating the Integrity of Computing Devices
SP 1800-34
December 09, 2022
Final

Measuring the Common Vulnerability Scoring System Base Score Equation
NISTIR 8409
November 15, 2022
Final

Improving Enterprise Patching for General IT Systems: Utilizing Existing Tools and Performing Processes in Better Ways
SP 1800-31
April 06, 2022
Final

Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology
SP 800-40 Rev. 4
April 06, 2022
Final

View All Publications

vulnerability management

Used For

Topics

Related Topics

vulnerability management

Related Projects

Related Events

Related News

Related Publications

Related Presentations

Used For

Topics

Related Topics