News & Updates

NIST has posted a call for comments on "Performance Measurement Guide for Information Security" (SP 800-55 Rev. 1), with a comment period open through December 10, 2020. A new "Measurements for Information Security" project...

NIST has published NISTIR 8272, "Impact Analysis Tool for Independent Cyber Supply Chain Risks."

NIST has published NISTIR 8214A, "NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives."

NIST is pleased to announce the release of OSCAL 1.0.0 Milestone 3. This is the third official milestone pre-release of .....

NIST has released a Draft NIST Cybersecurity White Paper on "Methodology for Characterizing Network Behavior of Internet of Things Devices." The public comment period ends May 1, 2020.

NIST has published seven documents in the SP 800-140x subseries--supporting documents for FIPS 140-3 and the Cryptographic Module Validation Program.

NIST is soliciting comments on Draft NISTIR 8272, "Impact Analysis Tool for Interdependent Cyber Supply Chain Risks." The public comment period ends April 17, 2020.

NIST has released the Draft Special Publication (SP) 800-140x subseries for public comment. They directly support FIPS 140-3 and the Cryptographic Module Validation Program (CMVP). Comments are due by December 9, 2019.

NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....

NIST has release a draft white paper for public comment: "An Application of Combinatorial Methods for Explainability in Artificial Intelligence and Machine Learning." Comments are due by July 3, 2019.

A new release of the Access Control Policy Tool (ACPT) is now available for download.

FIPS 140-3, "Security Requirements for Cryptographic Modules," was approved on March 22, 2019 and announced in the Federal Register on May 1, 2019. FIPS 140-3 supersedes FIPS 140-2.

NIST publishes Special Publication (SP) 800-163 Revision 1, "Vetting the Security of Mobile Applications."

NIST announces the publication of NIST Internal Report (NISTIR) 8214, Threshold Schemes for Cryptographic Primitives.

NIST has published NISTIR 8011 Volume 3, "Automation Support for Security Control Assessments: Software Asset Management."

[9/18/18--TEMPORARILY WITHDRAWN. TO BE RE-POSTED AT A LATER DATE] Draft NISTIR 8222 identifies 17 technical trust-related issues that may negatively impact the adoption of IoT products and services.

NIST announces the release of Draft NISTIR 8214, Threshold Schemes for Cryptographic Primitives. This publication provides a high-level overview of the possibilities that threshold schemes bring for enhancing the robustness...

Draft NIST Special Publication (SP) 800-163 Revision 1, Vetting the Security of Mobile Applications, defines the app vetting process—a software assurance method for mobile applications. Revision 1 updates this publication to...

NIST is publishing Special Publication (SP) 800-171A, Assessing Security Requirements for Controlled Unclassified Information (CUI). It is intended to help organizations develop assessment plans and conduct efficient,...

Data recovered from digital devices is often helpful in providing clues for incidents and potential criminal.....

NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements.

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....

To address these issues, NIST’s Computer Forensics Tools Testing (CFTT) program tests computer forensic tools to ensure that.....

NIST announces the release of Draft NISTIR 7511 Revision 5.  This draft NISTIR has been updated.....

NIST announces the release of NIST Interagency Report (NISTIR) 8176, Security Assurance Requirements for Linux Application Container Deployments