You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Internal and external reporting of security vulnerabilities in software and information systems owned or utilized by the Federal Government is critical to mitigating risk, establishing a robust security posture, and...
The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST SP 1800-34, Validating the Integrity of Computing Devices. Comments are due July 25, 2022.
Today, NIST is seeking public comments on NIST IR 8409 ipd (initial public draft), Measuring the Common Vulnerability Scoring System Base Score Equation.
NIST's National Cybersecurity Center of Excellence (NCCoE) has released two new final publications on enterprise patch management - Special Publication 800-40 Revision 4 and Special Publication 1800-31.
Two draft publications on enterprise patch management are available for public comment through January 10, 2022: Draft SP 800-40 Rev. 4 and Draft SP 1800-31.
Draft NIST Special Publication (SP) 800-218, "Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities," is open for comment through Nov. 5, 2021.
The NCCoE has released a preliminary draft of NIST Special Publication (SP) 1800-34 Volume B, and the comment period is open through September 29, 2021.
NIST invites comments on Draft NIST Special Publication (SP) 800-216, "Recommendations for Federal Vulnerability Disclosure Guidelines." The public comment period is open through August 9, 2021.
A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).
NIST has released a Draft NIST Cybersecurity White Paper on "Methodology for Characterizing Network Behavior of Internet of Things Devices." The public comment period ends May 1, 2020.
The NCCoE has released Draft SP 1800-24, "Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector," for public comment. The comment period ends November 18, 2019.
NIST has released Draft NIST Internal Report (NISTIR) 8221, which analyzes recent vulnerabilities associated with two open-source hypervisors--Xen and KVM--as reported by the NIST National Vulnerability Database. The public...
Draft NIST Special Publication (SP) 800-163 Revision 1, Vetting the Security of Mobile Applications, defines the app vetting process—a software assurance method for mobile applications. Revision 1 updates this publication to...
NIST is releasing NIST Internal Report (NISTIR) 8179, Criticality Analysis Process Model: Prioritizing Systems and Components, to help organizations identify those systems and components that are most vital and which may need...
Application Containers are slowly finding adoption in enterprise IT infrastructures. To address security concerns associated with deployment of application container platforms, NIST Special Publication 800-190 (2nd...
NIST requests public comments on the release of Draft Special Publication (SP) 800-70 Revision 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers.