News & Updates

NIST has released the final version of Special Publication (SP) 800-219 Revision 1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary practice guide, Automation of the NIST Cryptographic Module Validation Program, for public comment through July 25, 2023.  

NIST requests comments on the initial public draft of Special Publication (SP) 800-219r1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

NIST Interagency Report (IR) 8011, Automation Support for Security Control Assessments, provides guidance on automating the assessment of controls that can be tested.

NIST has released the final version of Special Publication (SP) 800-219, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP). 

NIST requests comments on Draft Special Publication (SP) 800-219, "Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)." The public comment period closes on March 23, 2022.

NIST's National Cybersecurity Center of Excellence has released a final Project Description for "Automation of the Cryptographic Module Validation Program (CMVP)."

NIST's OSCAL 1.0.0 provides a stable release for wide-scale implementation.

NIST has published a new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage...

A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).

NIST has released the final public draft of NIST Cybersecurity Practice Guide SP 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage...

NIST is pleased to announce the release of OSCAL 1.0.0 Milestone 3. This is the third official milestone pre-release of .....

NIST has published Volume 4 of NISTIR 8011:  "Automation Support for Security Control Assessments: Software Vulnerability Management."

NIST has updated Special Publication (SP) 800-128, "Guide for Security-Focused Configuration Management of Information Systems"

NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....

The NCCoE has posted two draft Project Descriptions for public comment. Detecting and protecting against data integrity attacks in industrial control systems (ICS) closes July 25th. Continuous Monitoring (for small and medium...

The NCCoE has release a preliminary draft of Special Publication (SP) 1800-15 for public comment. Comments are due by June 24, 2019.

NIST publishes Special Publication (SP) 800-163 Revision 1, "Vetting the Security of Mobile Applications."

NIST has published NISTIR 8011 Volume 3, "Automation Support for Security Control Assessments: Software Asset Management."

NIST's NCCoE has released Draft NIST Internal Report (NISTIR) 8219, "Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection." Public comments may be submitted until December 6, 2018.

NIST invites comments on Draft Special Publication 800-179 Rev. 1, "Guide to Securing macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist." The public comment period is open until November 16,...

Draft NIST Special Publication (SP) 800-163 Revision 1, Vetting the Security of Mobile Applications, defines the app vetting process—a software assurance method for mobile applications. Revision 1 updates this publication to...

NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements.

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....

Today, NIST published the technical specification for the Security Content Automation Protocol (SCAP) version 1.3.