News & Updates

The NIST Risk Management Framework (RMF) Team has released the initial public draft (ipd) of NIST Internal Report (IR) 8011r1 (Revision 1), Testable Controls and Security Capabilities for Continuous Monitoring. The public comment period is open through Friday, April 4, 2025.

NIST has published Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems."

NIST is pleased to announce the release of OSCAL 1.0.0 Milestone 3. This is the third official milestone pre-release of .....

NIST has published Special Publication (SP) 800-137A, "Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment."

NIST has released Draft Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems," for public comment. The comment period is open through May 15, 2020.

NIST has published NIST SP 800-204, Security Strategies for Microservices-based Application Systems.

NIST has published Cybersecurity Practice Guide Special Publication (SP) 1800-17, "Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers"

NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....

NIST is releasing Draft Special Publication (SP) 800-204, "Security Strategies for Microservices-based Application Systems." Public comments are due by April 26, 2019.

The National Cybersecurity Center of Excellence (NCCoE) at NIST is seeking comments on a draft project description, Securing Telehealth Remote Patient Monitoring Ecosystem: Cybersecurity for the Healthcare Sector. Comments are due by December 21, 2018.

According to a recent independent analysis, e-commerce fraud increased by 30 percent in 2017, compared to.....

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....