News & Updates

The initial public draft of NIST IR 8587, "Protecting Tokens and Assertions from Forgery, Theft, and Misuse: Implementation Recommendations for Agencies and Cloud Service Providers," is now available for public comment through January 30, 2026.

NIST has published Special Publication (SP) 800-228, Guidelines for API Protection for Cloud-Native Systems.

The initial public draft (IPD) of NIST Special Publication (SP) 800-234, "High-Performance Computing (HPC) Security Overlay," is now available for public comment. The due date has been extended to August 4, 2025.

The initial public draft (ipd) of NIST Special Publication (SP) 800-228, Guidelines for API Protection for Cloud-Native Systems, is now available for public comment.

The NCCoE has released for public comment the draft of NIST Cybersecurity White Paper (CSWP) 34, Mitigating Cybersecurity and Privacy Risks in Telehealth Smart Home Integration. The comment period for the draft is now open through January 21, 2025.

IST has published Special Publication (SP) 800-233, Service Mesh Proxy Models for Cloud-Native Applications, which performs detailed threat analysis of the various proxy models in the service mesh architecture of cloud-native applications to develop a threat profile and provide recommendations for their applicability.

NIST has published NIST Interagency Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications.

The final version of NIST Special Publication (SP) 800-201, NIST Cloud Computing Forensic Reference Architecture, is now available.

The initial public draft of NIST Special Publication (SP) 800-233, Service Mesh Proxy Models for Cloud-Native Applications, is now available for public comment. The deadline to submit comments is September 3, 2024.

The initial public draft of NIST Internal Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications, is now available for public comment.

The Access Control Rule Logic Circuit Simulation (ACRLCS) has been updated and is now available from the CSRC project webpage.

NIST has published Special Publication (SP) 800-223, High-Performance Computing Security: Architecture, Threat Analysis, and Security Posture.

NIST announces the release of Special Publication (SP) 800-207A, A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location Environments.

The initial public draft (ipd) of NIST Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines, is now available for public comment.

The initial public draft of NIST Special Publication (SP) 800-207A, "A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location Environments," is now available for public comment through June 7, 2023. 

The initial public draft of NIST Special Publication (SP) 800-201, NIST Cloud Computing Forensic Reference Architecture, is now available for public comment.

NIST has published Special Publication (SP) 800-215, Guide to a Secure Enterprise Network Landscape.

The National Cybersecurity Center of Excellence (NCCoE) has released the final project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps.

The Zero Trust Architecture (ZTA) team at NIST’s National Cybersecurity Center of Excellence (NCCoE) invites public comments on volumes C-D of a preliminary draft practice guide “Implementing a Zero Trust Architecture”. Deadline to submit comments is September 9, 2022.

The initial public draft of NIST Special Publication (SP) 800-215, Guide to a Secure Enterprise Network Landscape, provides guidance for navigating this new enterprise network landscape from a secure operations perspective. The deadline to submit comments is September 19, 2022.

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps. 

The Zero Trust Architecture (ZTA) team at NIST's National Cybersecurity Center of Excellence (NCCoE) has published volume A of a preliminary draft practice guide titled "Implementing a Zero Trust Architecture". The deadline to submit comments is July 5, 2022.

The National Cybersecurity Center of Excellence (NCCoE) announces the release of NIST Internal Report (NISTIR) 8320, Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases.

The National Cybersecurity Center of Excellence (NCCoE) has released a new preliminary draft publication, Special Publication (SP) 1800-33 Volume B, 5G Cybersecurity: Approach, Architecture, and Security Characteristics. Comments are due by June 27, 2022.

The National Cybersecurity Center of Excellence has two final publications (NIST SP 1800-19, NIST IR 8320B) and an initial public draft (NIST IR 8320C) on trusted cloud and hardware-enabled security.