Search CSRC

NIST announces the public comment release of Draft NIST Interagency Report (IR) 7966, Security of Automated Access Management Using Secure Shell (SSH). (NOTE: This draft & the 2nd draft has been approved as FINAL on October 2015). 

NIST announces that Draft Special Publication 800-163, Technical Considerations for Vetting 3rd Party Mobile Applications, is now available for public comment. The purpose of this document is to provide guidance for vetting 3rd party software applications (apps) ...

NIST produced a revised version of NIST Special Publication SP 800-85B, PIV Data Model Conformance Test Guidelines. The revisions include additional tests necessary to test new features added to the PIV Data Model in SP 800-73-4 Parts 1. This document, ...

NIST announces the release of Draft Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (Initial Public Draft). 

NIST extended the public review period of the recently posted Draft NIST IR 8006, NIST Cloud Forensic Science Challenges, and will accept comments on the document until AUGUST 25, 2014. 

On February 25, 2014, the Association of Public-Safety Communications Officials (APCO) International, in cooperation with FirstNet and the Department of Commerce held a half-day workshop titled “Public Safety Mobile Application Security Requirements” attended by ...

In cooperation with the Public Safety Communications Research (PSCR) Program, NIST announces the release of NIST Interagency Report (NISTIR) 8014, Considerations for Identity Management in Public Safety Mobile Networks. 

NIST’s Visiting Committee for Advanced Technology (VCAT) finalized a report detailing recommendations for NIST’s cryptographic standards program. The VCAT’s recommendations are ...

NIST Interagency Report (NISTIR) 7987 describes an access control framework, referred to as the Policy Machine (PM), which fundamentally changes the way access control policy is expressed and enforced. The report gives a detailed description of the PM ...

Draft Special Publication 800-38G, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption, released for public comment in July 2013, included three methods for format-preserving encryption (FPE). Called FF1, FF2, and FF3,...

NIST announces that Draft NIST IR 8006, NIST Cloud Forensic Science Challenges, has been released for public comments – can be accessed by the CSRC Drafts page. Deadline to submit comments has been EXTENDED TO AUGUST 25, 2014

NIST announces the release of an errata update to Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.

NIST announces that Draft Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, has been released for public comment ....

NIST announces the release of Supplemental Guidance on Ongoing Authorization: Transitioning to Near Real-Time Risk Management. This publication responds to Office of Management and Budget (OMB) Memorandum M-14-03, Enhancing the Security of Federal ...

NIST announces the public comment release of second draft of NIST Interagency Report 7924, Reference Certificate Policy. The purpose of this document is to identify a set of security controls and practices to support the secure issuance of certificates. 

NIST announces the release of Special Publication (SP) 800-101 Revision 1, Guidelines on Mobile Device Forensics. Mobile device forensics is the science of recovering digital evidence from a mobile device under forensically sound conditions using accepted methods. 

The National Institute of Standards and Technology (NIST) launched a public competition in November 2007 to develop a new cryptographic hash algorithm for standardization to augment the Government...

Update on Three FISMA Publications Ongoing Authorization Supplemental Guidance, SP 800-37, Rev 1 (Errata), SP 800-53A Rev 2 (IPD)  The FISMA Implementation Project is announcing the following schedule for three publications.

The NIST Special Publication 800-53 Revision 4 On-line Reference Database has been posted which contains the catalog of security controls from Appendix F and G of SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations (April 2013).

Public Comments: (1) Revised Draft Special Publication 800-73-4, Interfaces for Personal Identity Verification, and (2) Revised Draft Special Publication 800-78-4, Cryptographic Algorithms and Key Sizes for Personal Identity Verification, are now available...

NIST has determined to extend the public comment period for the draft revision of Special Publication 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography ...

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, June 11, 2014 - Friday, June 13, 2014. All sessions will be open to the public.

NIST announces the release of Special Publication 800-82, Revision 2, Guide to Industrial Control System (ICS) Security. Special Publication 800-82 provides guidance on how to improve the security in Industrial Control Systems (ICS), ...

NIST requests comments on the initial public draft of Special Publication (SP) 800-160, Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems. 

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for IT asset management for the financial services sector.