News & Updates

Showing 24 matching records.
December 15, 2020

A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).

October 26, 2020

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.

September 24, 2020

NIST has posted a call for comments on "Performance Measurement Guide for Information Security" (SP 800-55 Rev. 1), with a comment period open through December 10, 2020. A new "Measurements for Information Security" project...

July 21, 2020

NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment.  The comment period is open through August 31, 2020.

June 16, 2020

NIST is pleased to announce the release of OSCAL 1.0.0 Milestone 3. This is the third official milestone pre-release of .....

July 30, 2019

NIST has published Cybersecurity Practice Guide Special Publication (SP) 1800-17, "Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers"

July 17, 2019

The NCCoE has released Draft SP 1800-16, "Securing Web Transactions: Transport Layer Security (TLS) Server Certificate Management," for public comment. The comment period ends September 13, 2019.

June 21, 2019

NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....

December 20, 2018

NIST has published an update to its Risk Management Framework specification, in NIST Special Publication (SP) 800-37 Revision 2.

November 29, 2018

(New comments due date:  February 18, 2019) The NCCoE seeks comments on Volumes A and B of Draft SP 1800-16, "Securing Web Transactions: TLS Server Certificate Management." Public comments are due by February 18, 2019.

November 20, 2018

The NCCoE seeks comments on Volume B ("Approach, Architecture, and Security Characteristics") of Draft SP 1800-19, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS)...

November 20, 2018

The NCCoE seeks comments on Volume B ("Approach, Architecture, and Security Characteristics") of Draft SP 1800-19, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS)...

October 19, 2018

NIST invites comments on Draft Special Publication 800-179 Rev. 1, "Guide to Securing macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist." The public comment period is open until November 16,...

October 2, 2018

The final public draft of NIST SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations--A System Life Cycle Approach for Security and Privacy, is now available. The public comment period...

September 28, 2018

NIST is seeking comments on Draft SP 1800-18, a practice guide demonstrating Privileged Account Management (PAM) solutions that use commercially available products to appropriately secure and enforce organizational policies....

August 24, 2018

NIST has released a preliminary draft of NIST Special Publication 1800-19A, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments (Executive Summary).

August 23, 2018

According to a recent independent analysis, e-commerce fraud increased by 30 percent in 2017, compared to.....

August 20, 2018

Special Publication (SP) 1800-8 informs healthcare organizations on risks associated with deploying and operating wireless infusion pumps, and how to improve their cybersecurity. They are among the most network-connected...

May 9, 2018

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.

October 3, 2017
Federal Register Number: 2017-21158

The Information Security and Privacy Advisory Board (ISPAB) will meet October 25-27, 2017. All sessions will be open to the public.

September 28, 2017

NIST Announces the Release of a Discussion Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

August 1, 2017

NIST requests public comments on the release of Draft Special Publication (SP) 800-70 Revision 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers. 

July 31, 2014

NIST announces the release of Draft Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (Initial Public...

May 8, 2012

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7848, Specification for the Asset Summary Reporting Format 1.0. NISTIR 7848 defines the Asset Summary Reporting (ASR) format version 1.0, a...