News & Updates

NIST has published Volume 4 of NISTIR 8011:  "Automation Support for Security Control Assessments: Software Vulnerability Management."

NIST has released Draft Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems," for public comment. The comment period is open through May 15, 2020.

NIST has released Draft NISTIR 8183 Rev. 1, "Cybersecurity Framework Version 1.1 Manufacturing Profile," for public comment. Comments are due by May 4, 2020.

NIST is pleased to announce the first official release of the Open Security Controls Assessment Language (OSCAL), Version 1.0.0 - Milestone 1. The release.....

NIST has released two draft publications for comment: SP 800-171 Rev. 2 and SP 800-171B. The comment period for both drafts ends on July 19, 2019.

NIST has published an update to its Risk Management Framework specification, in NIST Special Publication (SP) 800-37 Revision 2.

NIST has published NISTIR 8011 Volume 3, "Automation Support for Security Control Assessments: Software Asset Management."

The final public draft of NIST SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations--A System Life Cycle Approach for Security and Privacy, is now available. The public comment period...

NIST is seeking comments on Draft SP 1800-18, a practice guide demonstrating Privileged Account Management (PAM) solutions that use commercially available products to appropriately secure and enforce organizational policies....

NIST is publishing Special Publication (SP) 800-171A, Assessing Security Requirements for Controlled Unclassified Information (CUI). It is intended to help organizations develop assessment plans and conduct efficient,...

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....

NIST Announces the Release of a Discussion Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

NIST Releases the Draft Special Publication 800-177 Revision 1, Trustworthy Email for public comment.  This updated Special Publication has a new....

NIST Releases the Initial Public Draft of Special Publication 800-53, Revision 5, Security and Privacy Controls for Information Systems and Organizations.

Special Publication 800-53 Revision 5 Status Update

NIST announces the release of an Errata Update for Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations. This update contains new mapping tables for ISO/IEC...

NIST announces the release of Draft Special Publication 800-53, Revision 4, Appendix H, International Information Security Standards, Security Control Mappings for ISO/IEC 27001: 2013. (NOTE: This draft Appendix H for SP...

NIST announces the release of Draft Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (Initial Public...

NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations

NIST will provide periodic errata updates to Special Publication (SP) 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, as needed. 

NIST announces the markup version of NIST Special Publication 800-53, Revision 4 (Initial Public Draft), Security and Privacy Controls for Federal Information Systems and Organizations. 

NIST announces the Initial Public Draft of Special Publication (SP) 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations. Special Publication 800-53, Revision 4, represents the...