Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

News & Updates

Showing 1 through 25 of 38 matching records.
NIST has released Cybersecurity White Paper (CSWP) 30
December 6, 2023

NIST has released Cybersecurity White Paper (CSWP) 30, Automation Support for Control Assessments – Project Update and Vision, which describes planned updates to the NIST Interagency Report (IR) 8011 series.

Updated macOS Security Guidance and Resources
July 20, 2023

NIST has released the final version of Special Publication (SP) 800-219 Revision 1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

Preliminary Draft NIST SP 1800-40A
June 7, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary practice guide, Automation of the NIST Cryptographic Module Validation Programfor public comment through July 25, 2023.  

Draft NIST SP 800-219r1 Available for Comment
March 13, 2023

NIST requests comments on the initial public draft of Special Publication (SP) 800-219r1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

Call for Feedback: NIST IR 8011 Series Adoption
February 22, 2023

NIST Interagency Report (IR) 8011, Automation Support for Security Control Assessments, provides guidance on automating the assessment of controls that can be tested.

Draft NIST Special Publication 800-219 is Available for Comment
February 17, 2022

NIST requests comments on Draft Special Publication (SP) 800-219, "Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)." The public comment period closes on March 23, 2022.

Automation of the CMVP: Final Project Description
July 1, 2021

NIST's National Cybersecurity Center of Excellence has released a final Project Description for "Automation of the Cryptographic Module Validation Program (CMVP)."

NIST Releases OSCAL 1.0.0
June 10, 2021

NIST's OSCAL 1.0.0 provides a stable release for wide-scale implementation.

Mitigating Network-Based Attacks on IoT Devices Using MUD: NIST SP 1800-15
May 26, 2021

NIST has published a new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)."

NIST Publishes NISTIR 8246: CVMAP for CNAs, ADPs
December 15, 2020

A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).

Final Public Draft of SP 1800-15 Now Available
September 16, 2020

NIST has released the final public draft of NIST Cybersecurity Practice Guide SP 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)." The comment period closes October 16, 2020.

OSCAL 1.0.0 Milestone 3 Release
June 16, 2020

NIST is pleased to announce the release of OSCAL 1.0.0 Milestone 3. This is the third official milestone pre-release of .....

NIST Publishes NISTIR 8011 Vol. 4
April 28, 2020

NIST has published Volume 4 of NISTIR 8011:  "Automation Support for Security Control Assessments: Software Vulnerability Management."

NIST Updates SP 800-128
October 15, 2019

NIST has updated Special Publication (SP) 800-128, "Guide for Security-Focused Configuration Management of Information Systems"

Open Security Controls Assessment Language Milestone
June 21, 2019

NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....

NCCoE Draft Project Descriptions for SMBs and Manufacturing
June 17, 2019

The NCCoE has posted two draft Project Descriptions for public comment. Detecting and protecting against data integrity attacks in industrial control systems (ICS) closes July 25th. Continuous Monitoring (for small and medium businesses) is closes on July 26th.

NCCoE Releases Draft SP 1800-15 for Comment
April 25, 2019

The NCCoE has release a preliminary draft of Special Publication (SP) 1800-15 for public comment. Comments are due by June 24, 2019.

NIST Publishes SP 800-163 Rev. 1
April 19, 2019

NIST publishes Special Publication (SP) 800-163 Revision 1, "Vetting the Security of Mobile Applications."

NIST Publishes NISTIR 8011 Vol. 3
December 6, 2018

NIST has published NISTIR 8011 Volume 3, "Automation Support for Security Control Assessments: Software Asset Management."

NCCoE Releases Draft NISTIR 8219 for Comment
November 7, 2018

NIST's NCCoE has released Draft NIST Internal Report (NISTIR) 8219, "Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection." Public comments may be submitted until December 6, 2018.

NIST Releases Draft SP 800-179 Rev. 1 for Comment
October 19, 2018

NIST invites comments on Draft Special Publication 800-179 Rev. 1, "Guide to Securing macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist." The public comment period is open until November 16, 2018. 

NIST Releases Draft SP 800-163 Rev. 1 for Public Comment
July 23, 2018

Draft NIST Special Publication (SP) 800-163 Revision 1, Vetting the Security of Mobile Applications, defines the app vetting process—a software assurance method for mobile applications. Revision 1 updates this publication to address changes in the mobile landscape. Comments are due Sep. 6, 2018.

NIST Publishes NISTIR 7511 Rev. 5
April 23, 2018

NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements.

NIST Releases Draft NISTIR 8011 Volume 3
April 5, 2018

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....

1     2  next >  last >>