Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

News & Updates

Showing 15 matching records.
Implementing a Zero Trust Architecture: SP 1800-35
June 10, 2025

NIST Special Publication 1800-35, "Implementing a Zero Trust Architecture," provides results and best practices from NCCoE's work with 24 vendors to demonstrate end-to-end zero trust architecture.

NIST Publishes Draft CSWP 42 for Public Comment
April 14, 2025

NIST CSWP 42, Towards Automating IoT Security: Implementing Trusted Network -Layer Onboarding, is available for public comment. The comment period is open through May 29, 2025.

Comment on Two NIST Genomic Data Cybersecurity and Privacy Drafts
December 17, 2024

The second public draft of NIST Internal Report (IR) 8467, "Genomic Data Cybersecurity and Privacy Frameworks Community Profile" and the initial public draft of NIST Cybersecurity White Paper (CSWP) 35, "Cybersecurity Threat Modeling the Genomic Data Sequencing Workflow" are open for public comment through January 30, 2025.

NIST Guidance on Implementing a ZTA
December 5, 2024

The NIST National Cybersecurity Center of Excellence (NCCoE) has released the draft of the practice guide, Implementing a Zero Trust Architecture (NIST SP 1800-35), for public comment. The public comment period is open through January 31, 2025.

New NIST Errata Update - C-SCRM
November 1, 2024

NIST has released an errata update to its foundational publication on managing cybersecurity risks in supply chains.

NIST Publishes SP 800-204D
February 12, 2024

NIST is releasing Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines.

Cybersecurity of Genomic Data: NIST IR 8432
December 20, 2023

The NIST National Cybersecurity Center of Excellence has released NIST Internal Report (IR) 8432, "Cybersecurity of Genomic Data."

NIST SP 800-204D ipd Available for Comment
August 30, 2023

The initial public draft (ipd) of NIST Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines, is now available for public comment.

Draft NIST IR 8432 Available for Public Comment
March 3, 2023

The National Cybersecurity Center of Excellence (NCCoE) has published the initial public draft of NIST Internal Report (NIST IR) 8432, Cybersecurity of Genomic Data.

NIST IoT Cybersecurity Program Releases Two New Documents
September 20, 2022

The National Institute of Standards and Technology (NIST) Cybersecurity for the Internet of Things (IoT) program has released two new documents: NIST IR 8425 and NIST IR 8431.

C-SCRM Guidance: NIST SP 800-161r1
May 5, 2022

NIST has released a revised publication, "Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations," NIST Special Publication 800-161r1.

NIST Released 2 Enterprise Patch Management SPs
April 6, 2022

NIST's National Cybersecurity Center of Excellence (NCCoE) has released two new final publications on enterprise patch management - Special Publication 800-40 Revision 4 and Special Publication 1800-31.

NIST Updates the Secure Software Development Framework (SSDF)
February 4, 2022

The SSDF has been updated to version 1.1 in the new release of NIST Special Publication (SP) 800-218.

Enterprise Patch Management: Draft Publications Available for Comment
November 17, 2021

Two draft publications on enterprise patch management are available for public comment through January 10, 2022: Draft SP 800-40 Rev. 4 and Draft SP 1800-31.

SSDF v1.1: Draft SP 800-218 Available for Comment
September 30, 2021

Draft NIST Special Publication (SP) 800-218, "Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities," is open for comment through Nov. 5, 2021.