Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology Laboratory

Computer Security Division

News and Updates

Keyword

Topic Area

Service Mesh Proxy Models for Cloud-Native Applications: Draft SP 800-233 Available for Public Comment

July 19, 2024

The initial public draft of NIST Special Publication (SP) 800-233, Service Mesh Proxy Models for Cloud-Native Applications, is now available for public comment

Personal Identity Verification (PIV) Interfaces, Cryptographic Algorithms, and Key Sizes: NIST Revises SP 800-73 and SP 800-78

July 15, 2024

In January 2022, NIST revised Federal Information Processing Standard (FIPS) 201, which establishes standards for the use of Personal Identity Verification (PIV

Recommendation for Random Bit Generator Constructions: Fourth Public Draft of NIST SP 800-90C Available for Comment

July 3, 2024

NIST has released the fourth public draft (4pd) of NIST Special Publication (SP) 800-90C, Recommendation for Random Bit Generator (RBG) Constructions. The NIST

Keyed-Hash Message Authentication Code (HMAC): Specification of HMAC and Recommendations for Message Authentication | Draft SP 800-224 is Available for Public Comment

June 28, 2024

The initial public draft (ipd) of NIST Special Publication (SP) 800-224, Keyed-Hash Message Authentication Code (HMAC): Specification of HMAC and

A Data Protection Approach for Cloud-Native Applications: Draft NIST IR 8505 is Available for Comment

June 14, 2024

The initial public draft of NIST Internal Report (IR) 8505, A Data Protection Approach for Cloud-Native Applications, is now available for public comment. Cloud

NIST Requests Public Comments on SP 800-38B and SP 800-38C | CMAC and CCM Block Cipher Modes of Operation

June 14, 2024

NIST maintains its cryptography standards and guidelines using a periodic review process. Currently, we are reviewing the following publications: NIST Special

Hardware Security Failure Scenarios: Potential Weaknesses in Hardware Design | Draft of NIST IR 8517 is Available for Comment

June 13, 2024

NIST Internal Report (IR) 8517, Hardware Security Failure Scenarios: Potential Weaknesses in Hardware Design, is now available for public comment. There is an

NIST Publishes Automated Vehicles Workshop Report

June 4, 2024

NIST held a virtual workshop in September 2023 on Standards and Performance Metrics for On-Road Automated Vehicles, attracting over 600 attendees from industry

Just Published | NIST’s FY 2023 Cybersecurity & Privacy Annual Report

May 20, 2024

This week, NIST released Special Publication 800-229, Fiscal Year (FY) 2023 Cybersecurity and Privacy Annual Report. This publication shares key highlights of

NIST Proposes to Revise SP 800-135 Rev. 1, Recommendation for Existing Application-Specific Key Derivation Functions

May 15, 2024

In July 2023, NIST's Crypto Publication Review Board initiated a review of Special Publication (SP) 800-135 Rev. 1, Recommendation for Existing Application

NIST Issues Updated Security Requirements and Assessment Procedures for Protecting Controlled Unclassified Information (CUI)

May 14, 2024

NIST has published the final versions of Special Publication (SP) 800-171r3 (Revision 3), Protecting Controlled Unclassified Information in Nonfederal Systems

NIST Finalizes Updated Guidelines for Protecting Sensitive Information

May 14, 2024

Contractors and other organizations that do business with the federal government now have clearer, more straightforward guidance for protecting sensitive data.

NIST Publishes IR 8504, Access Control on NoSQL Databases

May 7, 2024

NIST has published Internal Report (IR) 8504, Access Control on NoSQL Databases. NoSQL (i.e., “not only SQL” or “non-SQL”) database systems and data stores

Secure Software Development Practices for Generative AI and Dual-Use Foundation Models | NIST SP 800-218A Available for Comment

April 29, 2024

NIST has posted an initial public draft of NIST Special Publication (SP) 800-218A, Secure Software Development Practices for Generative AI and Dual-Use

A Security Perspective on the Web3 Paradigm | Draft NIST IR 8475 Available for Comment

April 11, 2024

NIST has released the initial public draft of Internal Report (IR) 8475, A Security Perspective on the Web3 Paradigm, for public comment. Since its inception

Online Introductory Courses Available for NIST SP 800-53, SP 800-53A, and SP 800-53B

April 10, 2024

NIST has released three self-guided online introductory courses on the NIST Special Publication (SP) 800-53 security and privacy control catalog, the SP 800-53A

Incident Response Recommendations and Considerations for Cybersecurity Risk Management | Comment on SP 800-61 Revision 3 Initial Public Draft

April 3, 2024

Incident response is a critical part of cybersecurity risk management and should be integrated across organizational operations. The six Functions of the NIST