Development of an Internal-Use NCCoE Chatbot | Comment on Draft NIST IR 8579

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of Internal Report (IR) 8579, Developing the NCCoE Chatbot: Technical and Security Learnings from the Initial Implementation, for public comment. To further enhance its mission, the NCCoE identified a potential application for a secure, internal-use chatbot. The chatbot's development aims to assist users in discovering and summarizing cybersecurity guidelines specific to their needs. This initiative aims to enhance user engagement and ensure that organizations can more effectively implement robust cybersecurity measures.

The chatbot was built using retrieval-augmented generation (RAG)-based large language model (LLM) technology. This approach combines techniques from information retrieval and natural language generation, enabling the chatbot to provide more focused, contextually relevant responses by leveraging a repository of cybersecurity knowledge. Compared to search engines, LLM-based chatbots provide more contextually relevant and precise responses by understanding the nuances of natural language queries.

This report provides a point-in-time examination of the NCCoE Chatbot, outlining the NCCoE’s approach to developing the tool and its response to specific security challenges. In addition, it provides an overview of the chatbot and its supporting technologies so that other organizations might consider the benefits of their use.

We encourage you to review this draft and provide comments by 11:59 pm EDT on August 4, 2025. If you have any questions, please email the team at nlp-nccoe [at] nist.gov (nlp-nccoe[at]nist[dot]gov).