U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects

Showing 9 matching records.
DevSecOps
NCCoE DevSecOps project has launched! The NIST NCCoE has launched a new project, Software Supply Chain and DevOps Security Practices. In early 2023, the project team will be publishing a Federal Register Notice based on the final project description to solicit collaborators to work with the NCCoE on the project.   DevOps brings together software development and operations to shorten development cycles, allow organizations to be agile, and maintain the pace of innovation while taking...
Federal Cybersecurity and Privacy Professionals Forum
The Federal Cybersecurity and Privacy Professionals Forum is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of cybersecurity and privacy knowledge, best practices, and resources among U.S. federal, state, and local government, and higher education organizations.  The Federal Cybersecurity and Privacy Professionals Forum ("the Forum") maintains an extensive email list, and holds quarterly meetings - including an annual 2-day...
Information Security and Privacy Advisory Board ISPAB
In January 1988, the Congress enacted the Computer Security Act of 1987 (Public Law 100-235). A provision of that law called for the establishment of the Computer System Security and Privacy Advisory Board (CSSPAB) within the Department of Commerce. In accordance with the Federal Advisory Committee Act, as amended, 5 U.S.C., App., the Board was chartered in May 1988. In December 2002, Public Law 107-347, The E-Government Act of 2002, Title III, the Federal Information Security Management Act of...
Multi-Cloud Security Public Working Group MCSPWG
Cloud computing has become the core accelerator of the US Government's digital business transformation. NIST is establishing a Multi-Cloud Security Public Working Group (MCSPWG) to research best practices for securing complex cloud solutions involving multiple service providers and multiple clouds.   The White House Executive Order on Improving the Nation's Cybersecurity highlights that “the Federal Government needs to make bold changes and significant investments in order to defend the vital...
National Software Reference Library NSRL
[Redirect to: https://www.nist.gov/itl/ssd/software-quality-group/national-software-reference-library-nsrl] The National Software Reference Library (NSRL) is designed to collect software from various sources and incorporate file profiles computed from this software into a Reference Data Set (RDS) of information. The RDS can be used by law enforcement, government, and industry organizations to review files on a computer by matching file profiles in the RDS. This will help alleviate much of the...
NCCoE | Data Security
[Redirect to https://www.nccoe.nist.gov/projects/building-blocks/data-security] The Data Security program at the National Cybersecurity Center of Excellence (NCCoE) has produced guidance for both data integrity and data confidentiality. Each will consist of a series of publications that work together to identify, protect, detect, respond to, and recover from critical events.
NIST Cybersecurity for IoT Program
[Redirect to https://www.nist.gov/programs-projects/nist-cybersecurity-iot-program] NIST’s Cybersecurity for the Internet of Things (IoT) program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of connected devices and the environments in which they are deployed. By collaborating with stakeholders across government, industry, international bodies, and academia, the program aims to cultivate trust and foster an environment that...
NIST Risk Management Framework RMF
Recent Updates: July 13, 2022: First online comment period using the SP 800-53 Public Comment Site open through August 12, 2022. View and comment on proposed changes (“candidates”) to SP 800-53 Rev. 5 controls. June 3, 2022: NIST Cybersecurity Framework and Supply Chain Risk Management Request for Information | Initial Summary Analysis of Responses  February 2, 2022: Request for Information | Evaluating and Improving NIST Cybersecurity Resources: The NIST Cybersecurity Framework and...
Usable Cybersecurity
We are the Usable Cybersecurity team within the National Institute of Standards and Technology (NIST) Visualization and Usability Group. Our multi-disciplinary team conducts research at the intersection of cybersecurity, human factors, cognitive science, and psychology to “champion the human in cybersecurity.” Through research and other human-centered projects, we seek to better understand and improve people’s interactions with cybersecurity systems, products, and services....