Computer Security Resource Center

Computer Security Resource Center

For 20 years, the Computer Security Resource Center (CSRC) has provided access to NIST's cybersecurity- and information security-related projects, publications, news and events.   CSRC supports stakeholders in government, industry and academia—both in the U.S. and internationally.

In this major update to CSRC:

 

Recent News

Draft Guidance for IoT Device Cybersecurity December 15, 2020
Four draft guidance documents on defining IoT cybersecurity requirements--for federal agencies and IoT device manufacturers--are now available for comment through February 12, 2021:  Draft SP 800-213 and Draft NISTIRs...
NIST Publishes NISTIR 8246: CVMAP for CNAs, ADPs December 15, 2020
A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).
Draft NISTIR 8286A Available for Comment December 14, 2020
Draft NISTIR 8286A, "Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management," is available for comment through February 1, 2021.
Updates to SP 800-53 Rev 5 and 800-53B December 10, 2020
NIST has issued supplemental materials and errata updates for both SP 800-53 Rev. 5 and SP 800-53B, which were originally published in September 2020. New materials include control mappings and control comparisons. 
Data Integrity: SP 1800-25 and SP 1800-26 December 8, 2020
NIST's NCCoE is publishing two Cybersecurity Practice Guides for data integrity that address identifying and protecting assets against--and detecting and responding to--ransomware and other destructive events. Special...

View All News

Upcoming Events

DevSecOps and Zero Trust Architecture (ZTA) for Multi-Cloud Environments January 27, 2021
This 1-day virtual conference will focus on DevSecOps and ZTA as foundational approaches in multi-cloud environments. They facilitate rapid secure application development, promote interoperability, and mitigate threats in a...
2nd Open Security Controls Assessment Language (OSCAL) Workshop February 2, 2021 - February 3, 2021
The National Institute of Standards and Technology will be hosting on Tuesday, February 2 and Wednesday, February 3, 2021, the second workshop in a new series focusing on the Open Security Controls Assessment Language...
Federal Computer Security Managers' Forum - 1/2 Day Meeting - February 2021 February 23, 2021
NOTE:  THIS MEETING IS OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST...

View All Events