News & Updates

NIST Releases Special Publication 800-172A, "Assessment Procedures for Enhanced Security Requirements."

NIST has published SP 800-47 Revision 1, "Managing the Security of Information Exchanges."

NIST has released Draft Special Publication (SP) 800-172A, "Assessing Enhanced Security Requirements for Controlled Unclassified Information." Public comments are due June 11, 2021.

NIST has published NISTIR 8212, "An Information Security Continuous Monitoring Program Assessment," and the ISCMAx tool that implements the ISCM program assessment described in SP 800-137A.

NIST announces the release of Special Publication (SP) 800-172, "Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171"

Draft NIST SP 800-47 Revision 1, "Managing the Security of Information Exchanges," is now available for public comment through March 12, 2021.

NIST Special Publication (SP) 800-53B, "Control Baselines for Information Systems and Organizations," has been published.

Draft NISTIR 8212, "ISCMA: An Information Security Continuous Monitoring Program Assessment," is available for public comment through November 13, 2020.

NIST has posted a call for comments on "Performance Measurement Guide for Information Security" (SP 800-55 Rev. 1), with a comment period open through December 10, 2020. A new "Measurements for Information Security" project...

NIST Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," represents a multi-year effort to develop the next generation of controls needed to strengthen and...

NISTIR 8170, "Approaches for Federal Agencies to Use the Cybersecurity Framework," provides guidance on how to use the NIST Cybersecurity Framework in federal agencies, in conjunction with the current and planned suite of...

NIST has updated Special Publication (SP) 800-128, "Guide for Security-Focused Configuration Management of Information Systems"

NIST has published SP 800-57 Part 2 Rev. 1, "Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations."

NIST has published an update to its Risk Management Framework specification, in NIST Special Publication (SP) 800-37 Revision 2.

NIST has published NISTIR 8011 Volume 3, "Automation Support for Security Control Assessments: Software Asset Management."

The final public draft of NIST SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations--A System Life Cycle Approach for Security and Privacy, is now available. The public comment period...

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.

NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements.

Ensuring the Security of Virtualized Server Platforms Against Potential Threats: NIST Releases Draft Special Publication 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....

NIST announces the release of Draft NISTIR 7511 Revision 5.  This draft NISTIR has been updated.....

NIST Announces the Release of a Discussion Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

NIST Releases the Initial Public Draft of Special Publication 800-53, Revision 5, Security and Privacy Controls for Information Systems and Organizations.

NIST requests public comments on the release of Draft Special Publication (SP) 800-70 Revision 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers. 

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7848, Specification for the Asset Summary Reporting Format 1.0. NISTIR 7848 defines the Asset Summary Reporting (ASR) format version 1.0, a...