Standards & Guidelines

NIST SP 800-204C: Implementation of DevSecOps for a Microservices-based Application with Service Mesh

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.” NIST released on March 8, 2022 a new Special Publication (SP) ...

NIST SP 800-53A Revision 5: Assessing Security and Privacy Controls in Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53A Revision 5 "Assessing Security and Privacy Controls in Information Systems and Organizations." NIST released the updated Special Publication (SP) 800-53A Revision ...

NIST SP 800-121 Revision 2: Guide to Bluetooth Security

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-121 Revision 2: "Guide to Bluetooth Security." The Special Publication (SP) 800-121 was released on January 19, 2022 and provides security guidance ...

FIPS 201-3: Personal Identity Verification (PIV) of Federal Employees and Contractors

The U.S. Secretary of Commerce has approved the publication of FIPS 201-3, the National Institute of Standards and Technology (NIST) latest revision of "Personal Identity Verification (PIV) of Federal Employees and Contractors." NIST released the ...

NIST SP 800-213: IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213 IoT Device: "Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements." The Special Publication (SP) 800-213 contains "background and ...

NIST SP 800-213A: IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213A: IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog. The Special Publication (SP) 800-213A provides a catalog ...

NIST SP 800-214: 2020 Cybersecurity and Privacy Annual Report

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-214 "2020 Cybersecurity and Privacy Annual Report." The Special Publication (SP) 800-214 describes the many cybersecurity program highlights and accomplishments from throughout ...

NIST SP 1800-34: Validating the Integrity of Computing Devices (Preliminary Draft)

The National Institute of Standards and Technology (NIST) has issued a Preliminary Draft security guidelines SP 1800-34 for Validating the Integrity of Computing Devices. The Special Publication (SP) 1800-34 provides updated guidance and sample solution ...

NIST SP 800-204B: Attribute-based Access Control for Microservices-based Applications using a Service Mesh

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204B Attribute-based Access Control for Microservices-based Applications using a Service Mesh. The Special Publication (SP) 800-204B provides deployment guidance for an authentication ...

NIST SP 1271: Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide

The National Institute of Standards and Technology (NIST) has issued the NIST SP 1271 Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide. The Special Publication (SP) 1271 provides best practices that can ...

NIST SP 800-47 Rev. 1: Managing the Security of Information Exchanges

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-47 Rev. 1 Managing the Security of Information Exchanges. The Special Publication (SP) 800-47 Rev. 1 provides "guidance for planning, establishing,maintaining, and ...

CIS Controls Version 8

The Center of Internet Security (CIS) in coordination with the SANS Institute and through a consortium of security experts, U.S. agencies such as the NSA, coordinated the CIS Controls Version 8 (formerly known as “Critical ...

NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53 Rev.5. Security and Privacy Controls for Information Systems and Organizations. The Special Publication (SP) 800-53 provides cloud access control (AC) characteristics ...

NIST SP 800-53B: Control Baselines for Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53B Control Baselines for Information Systems and Organizations. The Special Publication (SP) 800-53B establishes security and privacy control baselines for federal information ...

NIST SP 800-208: Recommendation for Stateful Hash-Based Signature Schemes

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-208 Recommendation for Stateful Hash-Based Signature Schemes. The Special Publication (SP) 800-208 provides deployment guidance for an authentication andauthorization framework within a ...

NIST SP 800-209: Security Guidelines for Storage Infrastructure

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-209 Security Guidelines for Storage Infrastructure. The Special Publication (SP) 800-209 provides a comprehensive set of security recommendations for the current landscape ...

NIST SP 800-210: General Access Control Guidance for Cloud Systems

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-210 General Access Control Guidance for Cloud Systems. The Special Publication (SP) 800-210 provides cloud access control (AC) characteristics and a set ...

NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128). The Special Publication (SP) 800-128 provides updated guidance to help organizations securely configure (or “harden”), ...

NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations

The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. NIST SP 800-52 Rev. 2 ...

NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks

The National Institute of Standards and Technology (NIST) has released a new Interagency/Internal Report (NISTIR) 8228, that includes guidelines for organizations in managing IoT cybersecurity and privacy risks. The NISTIR 8228 report titled “Considerations for ...