An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for
Cloud-native applications now consist of loosely coupled components (microservices), with all application services (e.g., authentication, authorization, load
NIST is in the process of a periodic review and maintenance of its cryptography standards and guidelines. Currently, we are reviewing the following publications
Cyber attacks are a reality. Sometimes even with the best protective measures in place, adversaries can breach perimeter defenses and find their way into
In May 2021, NIST initiated a review of several publications, including the following NIST Special Publications (SP): SP 800 15, MISPC Minimum Interoperability
Control assessments are not about checklists, simple pass/fail results, or generating paperwork to pass inspections or audits. The testing and evaluation of
NIST announces the release of NISTIR 8319, Review of the Advanced Encryption Standard. This publication provides a technical and editorial review of FIPS 197
NIST announces the publication of NIST Internal Report (NISTIR) 8369, Status Report on the Second Round of the NIST Lightweight Cryptography Standardization
Organizations have mission and business-based needs to exchange or share information with one or more internal or external organizations via various information
Space operations are vital to advancing the security, economic prosperity, and scientific knowledge of the Nation. However, cyber-related threats to space
A draft NIST Cybersecurity White Paper, Combinatorial Coverage Difference Measurement, is now available for public comment. Structural coverage criteria are
NIST is pleased to announce the release of Open Security Controls Assessment Language (OSCAL) 1.0.0. This is the first, official, major release of OSCAL and
Not all security vulnerabilities can be found through automated processes or testing. Internal and external reporting of security vulnerabilities in software
More than ever, organizations are concerned about the risks associated with products and services that may contain potentially malicious functionality, are
NIST is in the process of a periodic review and maintenance of its cryptography standards and NIST Special Publications. A description of the review process is
More than ever, organizations are concerned about the risks associated with products and services that may contain potentially malicious functionality, are
The protection of controlled unclassified information (CUI) in nonfederal systems and organizations—especially CUI associated with a critical program or high
Digital twin technology is an emerging area of research and standardization. Because of this, there may be a lack of clarity as to what is new with digital
Information security continuous monitoring (ISCM) programs provide an understanding of risk tolerance and help officials set priorities and consistently manage
NIST has completed the review of the second-round candidates in NIST's lightweight cryptography standardization process. After careful consideration, the ten
When you bump into someone in the workplace or at your local coffee shop, you might call that an “encounter.” That’s the scientific term for it, too. As part of
In order to facilitate the development of applications and middleware that support the Personal Identity Verification (PIV) Card, the National Institute of
NIST announces the release of NISTIR 8276 , Key Practices in Cyber Supply Chain Risk Management (C-SCRM): Observations from Industry. This final document
Traditional data and operations management across organizations and on the web can involve inefficient transaction reconciliation between siloed databases