Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

News & Updates

Showing 22 matching records.
February 12, 2024

NIST is releasing Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines.

August 30, 2023

The initial public draft (ipd) of NIST Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines, is now available for public comment.

November 9, 2022

The National Cybersecurity Center of Excellence (NCCoE) has released the final project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps.

July 21, 2022

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps

June 23, 2022

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST SP 1800-34, Validating the Integrity of Computing Devices. Comments are due July 25, 2022.

May 5, 2022

NIST has released a revised publication, "Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations," NIST Special Publication 800-161r1.

April 7, 2022

NIST has published NIST Internal Report (NISTIR) 8419, Blockchain and Related Technologies to Support Manufacturing Supply Chain Traceability: Needs and Industry Perspectives.

February 22, 2022
Federal Register Number: 2022-03642

NIST is seeking information to assist in evaluating and improving its cybersecurity resources—including the widely-used NIST Cybersecurity Framework (CSF) and a variety of existing and potential standards, guidelines, and other information. Comments are due by April 25, 2022.

February 4, 2022

The SSDF has been updated to version 1.1 in the new release of NIST Special Publication (SP) 800-218.

October 28, 2021

A second public draft of Special Publication (SP) 800-161 Revision 1, "Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations," is open for comment through December 10, 2021.

September 30, 2021

Draft NIST Special Publication (SP) 800-218, "Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities," is open for comment through Nov. 5, 2021.

February 11, 2021

NIST announces the publication of NISTIR 8276, Key Practices in Cyber Supply Chain Risk Management: Observations from Industry.

August 25, 2020

NIST has published NISTIR 8272, "Impact Analysis Tool for Independent Cyber Supply Chain Risks."

July 31, 2020

NIST has released Draft SP 800-53B, "Control Baselines for Information Systems and Organizations," for public comment. The comment period is open through September 11, 2020.

March 13, 2020

NIST is soliciting comments on Draft NISTIR 8272, "Impact Analysis Tool for Interdependent Cyber Supply Chain Risks." The public comment period ends April 17, 2020.

August 7, 2019

NIST has published NIST SP 800-204, Security Strategies for Microservices-based Application Systems.

March 25, 2019

NIST is releasing Draft Special Publication (SP) 800-204, "Security Strategies for Microservices-based Application Systems." Public comments are due by April 26, 2019.

September 17, 2018

[9/18/18--TEMPORARILY WITHDRAWN. TO BE RE-POSTED AT A LATER DATE] Draft NISTIR 8222 identifies 17 technical trust-related issues that may negatively impact the adoption of IoT products and services.

December 1, 2017

NIST is pleased to announce the publication of a report by the University of Maryland’s Supply Chain Management Center titled “The Cyber Risk Predictive Analytics Project”. 

July 10, 2017

NIST is seeking comments on Draft NIST IR 8179, Criticality Analysis Process Model.

March 23, 2012

NIST announces the second public draft of NIST Interagency Report (NISTIR) 7622, Notional Supply Chain Risk Management Practices for Federal Information Systems. This publication is intended to provide a wide array of practices that, when implemented, ...

February 3, 2012

NIST is pleased to announce the release of a report by the University of Maryland's Supply Chain Management Center. The report, which stems from a NIST grant, inventories existing ICT supply chain initiatives and formulates a framework for defining ICT ...