News & Updates

NIST is publishing Special Publication (SP) 800-171A, Assessing Security Requirements for Controlled Unclassified Information (CUI). It is intended to help organizations develop assessment plans and conduct efficient, effective, and cost-effective assessments of CUI security reqs in 800-171.

Server Virtualization is now a key component for enterprise IT infrastructure in data centers and cloud services. Virtual servers provide.....

Today, NIST is releasing an update for Special Publication (SP) 800-171 Revision 1, Protecting Controlled.....

"A Data Structure for Integrity Protection with Erasure Capability" is a draft white paper available for public comment until August 3, 2018. It describes a "block matrix" data structure .

NIST is seeking public comments on Draft NISTIR 8204, Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template. The public comment period is open until July 16, 2018.

The National Institute of Standards and Technology (NIST) is requesting comments on a proposed process to.....

Data recovered from digital devices is often helpful in providing clues for incidents and potential criminal.....

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.

NIST announces the release of Special Publication 800-193, Platform Firmware Resiliency Guidelines, a document that provides technical guidelines and recommendations supporting resiliency of the collection of hardware and firmware components of a computer system, also called the platform.

NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements.

NIST has updated the federal agency organizational codes specified in Special Publication (SP) 800-87, Codes for the Identification of Federal and Federally-Assisted Organizations. The changes included in this update, Revision 2, are summarized in the revision history in Appendix A.

Secret cryptographic keying material may be electronically established between parties by using a.....

Ensuring the Security of Virtualized Server Platforms Against Potential Threats: NIST Releases Draft Special Publication 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms

Best practices for organizations to manage cryptographic keys:  NIST releases Draft SP 800-57 Part 2 Revision 1 for public comment

NIST is releasing NIST Internal Report (NISTIR) 8179, Criticality Analysis Process Model: Prioritizing Systems and Components, to help organizations identify those systems and components that are most vital and which may need additional security or other protections.

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....

To address these issues, NIST’s Computer Forensics Tools Testing (CFTT) program tests computer forensic tools to ensure that.....

The United States continues to have complete dependence on information technology deployed in critical infrastructure systems and applications in both the....

An increasing number of people and organizations are using smart, interconnected devices, which form....

Access control is the process of defining and limiting which users are allowed access to particular resources.  NIST researchers have recently published a book on Attribute-based access control (ABAC), one of the latest development in a series of access control models going back more than 40 years.

The Information Security and Privacy Advisory Board (ISPAB) will meet Thursday, March 15, 2018 from 9:00 a.m. until 5:00 p.m., Eastern Time, and Friday, March 16, 2018 from 9:00 a.m. until 4:30 p.m. Eastern Time. All sessions will be open to the public....

NIST announces the release of the Final Draft of Special Publication 800-171A.....

NIST announces the release of the second errata update for SP 800-171 Revision 1.....

NIST has released a Draft NIST Interagency Report (NISTIR) 8200, Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT). Comments will be accepted until April 18, 2018.

Today, NIST published the technical specification for the Security Content Automation Protocol (SCAP) version 1.3.