News & Updates
Public Comments: DRAFT Special Publication 800-63-2
February 1, 2013
NIST announces the release of Draft Special Publication 800-63-2, Electronic Authentication Guideline for public review and comment. This recommendation provides technical guidelines for Federal agencies...
Update Status on (Draft) NIST SP 800-53 Revision 4
January 18, 2013
NIST anticipates the release of Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal information Systems and Organizations (Final Public Draft) on Tuesday, February 5th.
Open Meeting of ISPAB (March 2013)
January 2, 2013
The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, February 13, 2013 - Friday, February 15, 2013. All sessions will be open to the public.
NIST Special Publication 800-38F
December 21, 2012
NIST announces the release of Special Publication 800-38F, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping. This publication describes cryptographic methods for the protection of the...
Public Comments: DRAFT NISTIR 7904
December 21, 2012
NIST announces the public comment release of Draft Interagency Report (IR) 7904, Trusted Geolocation in the Cloud: Proof of Concept Implementation. This publication explains selected security challenges involving...
NIST Released NISTIR 7817
November 30, 2012
NIST announces the release of NIST Interagency Report (NISTIR) 7817, A Credential Reliability and Revocation Model for Federated Identities. NISTIR 7817 describes and classifies the different types of identity...
NIST Announces the Release of NISTIR 7896
November 16, 2012
NIST opened a public "SHA-3" competition in November 2007 to develop a new cryptographic hash algorithm. On October 2, 2012, NIST announced Keccak as the winner and the new SHA-3 algorithm.
NIST CSD Announces the Release of NISTIR 7878
November 13, 2012
This report (NISTIR 7878) describes measures of combinatorial coverage that can be used in evaluating the degree of t-way coverage of any test suite, regardless of whether it was initially constructed for ...
Links to keynote presentations
November 9, 2012
Links to keynote presentations on Emerging Risk Management and Cyber Security Strategies are available at
NIST and NISTs CSD Announced the SHA-3 WINNER
October 3, 2012
NIST announced KECCAK as the winner of the SHA-3 Cryptographic Hash Algorithm Competition and the new SHA-3 hash algorithm in a press release issued on October 2, 2012. KECCAK was designed by...
Comments: NISTIR 7511 Revision 3.04, DRAFT SCAP Version 1.2
September 28, 2012
Draft NIST Interagency Report (IR) 7511 Revision 3, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements, describes the requirements that must be met by products to achieve SCAP...
NIST Special Publication 800-30 Revision 1
September 18, 2012
The National Institute of Standards and Technology (NIST) announces the release of the final version of its updated risk assessment guideline, Special Publication 800-30, Revision 1, Guide for Conducting Risk...
NIST Interagency Report (IR) 7874
September 18, 2012
NIST Interagency Report (IR) 7874, Guidelines for Access Control System Evaluation Metrics, has been released as final. This report provides Federal agencies with background information on access control (AC...
Baltimore ISSA InfoSec Summit Held at NIST
September 13, 2012
The Baltimore Information Systems Security Association Chapter would like to invite you to their Third Annual InfoSec Summit. We are holding the event at the National Institute of Standards and Technology (NIST...
NIST CSD Released DRAFT Guidelines to Media Sanitization
September 6, 2012
NIST announces the release of Draft Special Publication 800-88 Revision 1, Guidelines for Media Sanitization for public review and comment. SP 800-88 discussed methods, techniques and best practices for the...
NIST Released DRAFT Special Publication 800-40 Revision 3
September 5, 2012
NIST announces the public comment release of draft NIST Special Publication (SP) 800-40 Revision 3, Guide to Enterprise Patch Management Technologies. Patch management is the process for identifying, acquiring...