News & Updates

NIST has published NIST Interagency Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications.

NIST Cybersecurity White Paper (CSWP) 36B Using Hardware-Enabled Security to Ensure 5G System Platform Integrity - Applying 5G Cybersecurity and Privacy Capabilities White Paper Series is available for public comment. The deadline to submit comments to this draft document is October 30, 2024.

The NCCoE has released an initial public draft for "Supply Chain Traceability: Manufacturing Meta-Framework." Public comments are welcome through November 15, 2024. 

NIST Cybersecurity White Paper (CSWP) 31, Proxy Validation and Verification for Critical AI Systems: A Proxy Design Process has been published.

The initial public draft (ipd) of NIST Interagency Report (IR) 8446, Bridging the Gap between Standards on Random Number Generation: Comparison of SP 800-90 Series and AIS 20/31, is now available for public comment through December 20, 2024.

NIST Special Publication (SP) 800-50r1 (Revision 1), Building a Cybersecurity and Privacy Learning Program.

The NIST Cybersecurity for IoT Program is proud to announce the release of NIST IR 8425A.

NIST is pleased to announce the release of Internal Report (IR) 8459, Report on the Block Cipher Modes of Operation in the NIST SP 800-38 Series.

NIST's Crypto Publication Review Board is proposing to update FIPS 202, "SHA-3 Standard" and revise Special Publication 800-185, "SHA-3 Derived Functions." Submit public comments through Monday, October 7, 2024.

The second public drafts of revision 4 of NIST Special Publications 800-63, 800-63A, 800-63B, and 800-63C are now available, with comments due October 7, 2024.

After two public comment periods, NIST has decided to revise Special Publication 800-135 Rev. 1, "Recommendation for Existing Application-Specific Key Derivation Functions."

The NCCoE is launching a new series of papers on 5G cybersecurity and privacy that will provide recommended practices and illustrate how to implement them. All of the featured capabilities have been implemented in the NCCoE testbed on commercial-grade 5G equipment. The first two drafts in this series are open for public comment through September 16, 2024.

NIST has released the initial public draft of Interagency Report (IR) 8532, Workshop on Enhancing Security of Devices and Components Across the Supply Chain. The comment period closes September 16, 2024.

The Secretary of Commerce has approved three Federal Information Processing Standards (FIPS) for post-quantum cryptography: FIPS 203, 204 and 205.

NIST Special Publication (SP) 800-231, Bugs Framework (BF): Formalizing Cybersecurity Weaknesses and Vulnerabilities, is now available.

The final version of NIST Special Publication (SP) 800-201, NIST Cloud Computing Forensic Reference Architecture, is now available.

Today, NIST is releasing Special Publication (SP) 800-218A, Secure Software Development Practices for Generative AI and Dual-Use Foundation Models: An SSDF Community Profile.

The NIST Risk Management Framework Small Enterprise Quick Start Guide is designed to help small, under-resourced entities understand the value and core components of the RMF.

The initial public draft of NIST Special Publication (SP) 800-233, Service Mesh Proxy Models for Cloud-Native Applications, is now available for public comment. The deadline to submit comments is September 3, 2024.

In January 2022, NIST revised Federal Information Processing Standard (FIPS) 201, which establishes standards for the use of Personal Identity Verification (PIV) credentials, including those on PIV Cards. NIST Special Publication (SP) 800-73-5: Parts 1–3 and SP 800-78-5 have subsequently been revised to align with FIPS 201.

NIST has released the fourth public draft (4pd) of NIST Special Publication (SP) 800-90C, Recommendation for Random Bit Generator (RBG) Constructions. The comment period for this draft is open through September 30, 2024.

The initial public draft (ipd) of NIST Special Publication (SP) 800-224. The public comment period is open through September 6, 2024.

The initial public draft of NIST Internal Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications, is now available for public comment.

NIST is reviewing Special Publications 800-38B and 800-38C (CMAC and CCM block cipher modes) and requests public comments by September 13, 2024.

NIST Internal Report (IR) 8517, Hardware Security Failure Scenarios: Potential Weaknesses in Hardware Design, is now available for public comment.