The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Addressing Visibility Challenges with TLS 1.3. Publication of this draft project description begins a process to solicit feedback about the project scope, demonstration scenarios, and high-level architecture.
The NCCoE will solicit participation from industry to build one or more visibility solution examples using commercially available technology, which will address a set of cybersecurity challenges. These challenges impact the ability of some organizations to meet their regulatory, security, and operational requirements due to loss of visibility into the content of communications within their enterprise environments. The project will demonstrate various approaches and practices, which will result in a freely available NIST Cybersecurity Practice Guide that documents a range of approaches for enterprises to regain visibility into the content of TLS-protected information being exchanged within the enterprise environment.
The public comment period for this draft is open through March 29, 2021. See the publication details for a copy of the draft and instructions for submitting comments. You can also help shape and contribute to this project. Join the Community of Interest by sending an email to applied-crypto-visibility@nist.gov.
Security and Privacy: encryption, intrusion detection & prevention, key management
Technologies: networks
Applications: enterprise