Search CSRC

NIST announces the release of an errata update to Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.

NIST announces that Draft Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, has been released for public comment ....

NIST announces the release of Supplemental Guidance on Ongoing Authorization: Transitioning to Near Real-Time Risk Management. This publication responds to Office of Management and Budget (OMB) Memorandum M-14-03, Enhancing the Security of Federal ...

NIST announces the public comment release of second draft of NIST Interagency Report 7924, Reference Certificate Policy. The purpose of this document is to identify a set of security controls and practices to support the secure issuance of certificates. 

NIST announces the release of Special Publication (SP) 800-101 Revision 1, Guidelines on Mobile Device Forensics. Mobile device forensics is the science of recovering digital evidence from a mobile device under forensically sound conditions using accepted methods. 

The National Institute of Standards and Technology (NIST) launched a public competition in November 2007 to develop a new cryptographic hash algorithm for standardization to augment the Government...

Update on Three FISMA Publications Ongoing Authorization Supplemental Guidance, SP 800-37, Rev 1 (Errata), SP 800-53A Rev 2 (IPD)  The FISMA Implementation Project is announcing the following schedule for three publications.

The NIST Special Publication 800-53 Revision 4 On-line Reference Database has been posted which contains the catalog of security controls from Appendix F and G of SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations (April 2013).

Public Comments: (1) Revised Draft Special Publication 800-73-4, Interfaces for Personal Identity Verification, and (2) Revised Draft Special Publication 800-78-4, Cryptographic Algorithms and Key Sizes for Personal Identity Verification, are now available...

NIST has determined to extend the public comment period for the draft revision of Special Publication 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography ...

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, June 11, 2014 - Friday, June 13, 2014. All sessions will be open to the public.

NIST announces the release of Special Publication 800-82, Revision 2, Guide to Industrial Control System (ICS) Security. Special Publication 800-82 provides guidance on how to improve the security in Industrial Control Systems (ICS), ...

NIST requests comments on the initial public draft of Special Publication (SP) 800-160, Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems. 

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for IT asset management for the financial services sector.

NIST would like to request comments on a Draft Revision of SP 800-57 Part 3, Recommendation for Key Management: Application-Specific Key Management Guidance. 

NIST has released Special Publication 800-52 Revision 1, Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. TLS provides mechanisms to protect sensitive data during electronic dissemination across networks.

NIST announces the release of NIST Interagency Report (NISTIR) 7946, CVSS Implementation Guidance. This Interagency Report provides guidance to individuals scoring IT vulnerabilities using the Common Vulnerability Scoring System (CVSS) Version 2.0 scoring metrics. 

In support of the Federal Information Security Management Act of 2002 and the 2014 Framework for Improving Critical Infrastructure Cybersecurity, NIST will issue in May 2014, the initial public draft of Special Publication (SP) 800-160, Systems Security Engineering ...

NIST requests comments on a revision of Draft Special Publication 800-90A Revision 1, Recommendation for Random Number Generation Using Deterministic Random Bit Generators. This revision removes the Dual_EC_DRBG from the document.

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for identity and access management for the electric power sector.

NIST announces the release of Draft Special Publication (SP) 800- 16 Revision 1 (3rd public draft), A Role-Based Model For Federal Information Technology/Cyber Security Training for public comment. SP 800-16 describes information technology / cyber security role-based training ...

NIST announces the release of the draft revision of Special Publication 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography. SP 800-56B specifies key-establishment schemes based on the Rivest Shamir Adleman ...

The National Institute of Standards and Technology (NIST) announces the Intersection of Cloud and Mobility Forum and Workshop to be held on Tuesday, March 25, Wednesday, March 26, and Thursday, March 27, 2014.

Draft Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials and Draft NIST Interagency Report 7981, Mobile, PIV, and Authentication, are now available 

NIST announces the release of NIST Interagency Report (IR) 7849, A Methodology for Developing Authentication Assurance Level Taxonomy for Smart Card-based Identity Verification. Smart cards (smart identity tokens) are now extensively deployed for identity verification, ...