This is a potential security issue, you are being redirected to https://csrc.nist.gov.
These are reference sources for frameworks, algorithms validation, software assurance, testing, and other measurements related to information security.
Combinatorial or t-way testing is a proven method for more effective software testing at lower cost. The research toolkit can make sure that there are no simultaneous input combinations that might inadvertently cause a dangerous error.
The NIST Cryptographic Algorithm Validation Program provides validation testing of Approved (i.e., FIPS-approved and NIST-recommended) cryptographic algorithms and their individual components.
The Cryptographic Module Validation Program is a joint effort between NIST and the Canadian Centre for Cyber Security (CCCS), a branch of the Communications Security Establishment (CSE)) that validates cryptographic modules to Federal Information Processing Standards.
This document provides instructions and definitions for completing the Cybersecurity Framework (CSF) Online Informative References (OLIR) spreadsheet template.
The National Software Reference Library project is supported by the U.S. Department of Homeland Security, federal, state, and local law enforcement, and the National Institute of Standards and Technology (NIST) to promote efficient and effective use of computer technology in the investigation of crimes involving computers.
The repository of standards-based vulnerability management data that enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
The project is dedicated to improving software assurance by developing methods to enable software tool evaluations, measuring the effectiveness of tools and techniques, and identifying gaps in tools and methods. The scope of the SAMATE project is broad: ranging from operating systems to firewalls, SCADA to web applications, source code security analyzers to correct-by-construction methods.
To properly manage software, enterprises need to maintain accurate software inventories of their managed devices in support of higher-level business, information technology, and cybersecurity functions. SWID Tags provide a transparent way for organizations to track the software installed on their managed devices.