News & Updates

NIST Special Publication (SP) 800-70r5 ipd (Revision 5, initial public draft), National Checklist Program for IT Products – Guidelines for Checklist Users and Developers, is now available for public comment through January 16, 2026, at 11:59 PM (EST).

The NCCoE is releasing three publications to help secure IoT devices and their networks: Cybersecurity White Paper 42, Internal Report 8350, and Special Publication 1800-36.

NIST CSWP 42, Towards Automating IoT Security: Implementing Trusted Network -Layer Onboarding, is available for public comment. The comment period is open through May 29, 2025.

NIST has released the initial public draft (IPD) of Revision 1 of NIST Special Publication (SP) 800-189, Border Gateway Protocol Security and Resilience. The public comment period ends February 25, 2025.

NIST has published Special Publication (SP) 800-223, High-Performance Computing Security: Architecture, Threat Analysis, and Security Posture.

NIST has released the final version of Special Publication (SP) 800-219 Revision 1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

NIST Special Publication (SP) 800-124 Revision 2, Guidelines for Managing the Security of Mobile Devices in the Enterprise, assists organizations in managing and securing mobile devices against the ever-evolving threats.

NIST requests comments on the initial public draft of Special Publication (SP) 800-219r1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

NIST has released the final version of Special Publication (SP) 800-219, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP). 

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST SP 1800-34, Validating the Integrity of Computing Devices. Comments are due July 25, 2022.

NIST requests comments on Draft Special Publication (SP) 800-219, "Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)." The public comment period closes on March 23, 2022.

The NCCoE has released a preliminary draft of NIST Special Publication (SP) 1800-34 Volume B, and the comment period is open through September 29, 2021.

NIST has published a new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)."

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.

NIST has released the final public draft of NIST Cybersecurity Practice Guide SP 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)." The comment period closes October 16, 2020.

NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment.  The comment period is open through August 31, 2020.

NIST has released Draft SP 800-124 Revision 2, "Guidelines for Managing the Security of Mobile Devices in the Enterprise," for public comment. The comment period ends June 26, 2020.

NIST has released a second public draft of Special Publication 800-189, "Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation." The public comment period closes November 15, 2019.

NIST has updated Special Publication (SP) 800-128, "Guide for Security-Focused Configuration Management of Information Systems"

The NCCoE has release a preliminary draft of Special Publication (SP) 1800-15 for public comment. Comments are due by June 24, 2019.

(New comments due date:  March 15, 2019) Draft Special Publication 800-189, "Secure Interdomain Traffic Exchange: BGP Robustness and DDoS Mitigation," is now available for comment. The deadline for submitting comments is March 15, 2019.

NIST invites comments on Draft Special Publication 800-179 Rev. 1, "Guide to Securing macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist." The public comment period is open until November 16, 2018. 

NIST announces the release of NIST Interagency Report (NISTIR) 8176, Security Assurance Requirements for Linux Application Container Deployments

NIST's National Cybersecurity Center of Excellence (NCCoE) Releases Draft SP 1800-12, Derived Personal Identity Verification (PIV) Credentials

Application Containers are slowly finding adoption in enterprise IT infrastructures. To address security concerns associated with deployment of application container platforms, NIST Special Publication 800-190 (2nd Draft), Application Container Security Guide, identified security threats