News & Updates

NIST's National Cybersecurity Center of Excellence (NCCoE) Releases Draft SP 1800-12, Derived Personal Identity Verification (PIV) Credentials

NIST Announces the Release of a Discussion Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

NIST Announces the Final Release of Special Publication (SP) 800-190, Application Container Security Guide

NIST Releases NISTIR 8183, Cybersecurity Framework Manufacturing Profile

NISTIR 8192, “Enhancing Resilience of the Internet and Communications Ecosystem,” is now available

Application Containers are slowly finding adoption in enterprise IT infrastructures. To address security concerns associated with deployment of application container platforms, NIST Special Publication 800-190 (2nd Draft), Application Container Security Guide, identified security threats

NIST requests public comments on the release of Draft Special Publication (SP) 800-70 Revision 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers. 

The Information Security and Privacy Advisory Board (ISPAB) will meet June 28-30, 2017. All sessions will be open to the public.

NIST requests comments on a draft of NIST Interagency Report (IR) 7511 Revision 4, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements.

NIST is pleased to announce the third public comment release of NIST Internal Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. 

NIST requests comments on the design and development of Security Content Automation Protocol (SCAP) version 1.3. Please send suggestions for SCAP 1.3 by September 28, 2015. For more information, visit the CSRC SCAP web page.

NIST seeks public comments on Draft NIST Interagency Report (NISTIR) 8074, which comprises two volumes, "Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity" (Vol. 1) and "Supplemental Information" (Vol. 2). 

NIST is pleased to announce the second public comment release of NIST Internal Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. 

NIST is pleased to announce the public comment release of NIST Internal Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. 

NIST requests comments on an initial public draft report on NISTIR 8053, De-identification of Personally Identifiable Information. This document describes terminology, process and procedures for the removal ...

Draft Special Publication 800-70 Revision 3, National Checklist Program for IT Products--Guidelines for Checklist Users and Developers, has been released for public comment. (NOTE: This draft document has been approved final: December 2015).

NIST announces the second public comment release of Draft NIST Interagency Report (IR) 7966, Security of Interactive and Automated Access Management Using Secure Shell (SSH). (NOTE: This Draft has been approved final Oct. 2015)

NIST announces the public comment release of Draft NIST Interagency Report (IR) 7966, Security of Automated Access Management Using Secure Shell (SSH). (NOTE: This draft & the 2nd draft has been approved as FINAL on October 2015). 

NIST announces the release of Draft Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (Initial Public Draft). 

Draft NIST Interagency Report (IR) 7511 Revision 3, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements, describes the requirements that must be met by products to achieve SCAP 1.2 Validation.

NIST announces the public comment release of draft NIST Special Publication (SP) 800-40 Revision 3, Guide to Enterprise Patch Management Technologies. Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. 

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7848, Specification for the Asset Summary Reporting Format 1.0. NISTIR 7848 defines the Asset Summary Reporting (ASR) format version 1.0, a data model for expressing the data ...