A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).
NIST has posted a call for comments on "Performance Measurement Guide for Information Security" (SP 800-55 Rev. 1), with a comment period open through December 10, 2020. A new "Measurements for Information Security" project...
NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment. The comment period is open through August 31, 2020.
NIST has published Cybersecurity Practice Guide Special Publication (SP) 1800-17, "Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers"
The NCCoE has released Draft SP 1800-16, "Securing Web Transactions: Transport Layer Security (TLS) Server Certificate Management," for public comment. The comment period ends September 13, 2019.
NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....
(New comments due date: February 18, 2019) The NCCoE seeks comments on Volumes A and B of Draft SP 1800-16, "Securing Web Transactions: TLS Server Certificate Management." Public comments are due by February 18, 2019.
The NCCoE seeks comments on Volume B ("Approach, Architecture, and Security Characteristics") of Draft SP 1800-19, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS)...
The NCCoE seeks comments on Volume B ("Approach, Architecture, and Security Characteristics") of Draft SP 1800-19, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS)...
NIST invites comments on Draft Special Publication 800-179 Rev. 1, "Guide to Securing macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist." The public comment period is open until November 16,...
The final public draft of NIST SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations--A System Life Cycle Approach for Security and Privacy, is now available. The public comment period...
NIST is seeking comments on Draft SP 1800-18, a practice guide demonstrating Privileged Account Management (PAM) solutions that use commercially available products to appropriately secure and enforce organizational policies....
NIST has released a preliminary draft of NIST Special Publication 1800-19A, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments (Executive Summary).
Special Publication (SP) 1800-8 informs healthcare organizations on risks associated with deploying and operating wireless infusion pumps, and how to improve their cybersecurity. They are among the most network-connected...
The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.
NIST Announces the Release of a Discussion Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy
NIST requests public comments on the release of Draft Special Publication (SP) 800-70 Revision 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers.
NIST announces the release of Draft Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (Initial Public...
NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7848, Specification for the Asset Summary Reporting Format 1.0. NISTIR 7848 defines the Asset Summary Reporting (ASR) format version 1.0, a...