NIST

On the Road to DevSecOps: Security and Privacy Controls per NIST SP 800-53

On the Road to DevSecOps: Security and Privacy Controls per NIST SP 800-53

| | Application Security Testing, Blog, Interactive Application Security Testing, NIST, Open Source Analysis, Software Developers, Static Analysis, Technical Blog
This past March, the National Institute of Standards and Technology (NIST) released the NIST Special Publication 800-53, Revision 5, which was their final public draft revision. According to the abstract, “This publication ...
Blog – Checkmarx

API Security Need to Know: Questions Every Executive Should Ask About Their APIs

| | API Attack, API security, Compliance, General, NIST
Using NIST CSF to Reign in your API Footprint As your digital transformation accelerates, it’s API volume and usage has accelerated in tandem. It is also very likely that your API security ...
Cequence

Update on NIST’s Post-Quantum Cryptography Program

| | cryptography, Cybersecurity, NIST, quantumcomputing, quantumcryptography
NIST has posted an update on their post-quantum cryptography program: After spending more than three years examining new approaches to encryption and data protection that could defeat an assault from a quantum ...
Schneier on Security
Using Frameworks to Navigate the Convergence of Data Privacy & Cybersecurity | Apptega

Using Frameworks to Navigate the Convergence of Data Privacy & Cybersecurity | Apptega

| | ISO 27001, NIST, NIST 800 - 53, NIST 800-171, NIST CsF, PCI, Privacy, SOC 2
  ...
Apptega Blog

Transportation Systems Sector Cybersecurity Framework Implementation Guide

| | Featured Articles, ICS Security, NIST, train, underground
As smart ticketing systems and technological solutions become more prevalent in the transportation industry, the issue of transportation systems’ cybersecurity becomes a greater concern. Transportation Systems Cybersecurity is a Major Concern In ...
The State of Security

NIST: Adopt a Secure Software Development Framework (SSDF) to Mitigate Risk of Software Vulnerabilities

| | devops frameworks, Everything Open Source, government, government open source software (GOSS), Industry commentary, NIST, open source goveranance, Open Source Security
This Spring, the National Institute of Standards and Technology (NIST), released updated recommendations (.pdf) to improve software resilience against vulnerabilities. This builds on an earlier, four-part framework released last year. As the ...
Sonatype Blog

Final Version of NIST SP 1800-23 Guides Identification of Threats to OT Assets

| | energy sector, ICS Security, NIST, operational technology, Regulatory Compliance
In September 2019, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) announced the release of a draft practice guide entitled, “NIST Special Publication (SP) ...
The State of Security

5 Best Practices for TLS Certificate Management | Keyfactor

| | NIST, TLS cert, tls certificate management
In my 15+ years working with PKI and TLS certificates, never has there been so much news about the importance of managing and protecting digital identities. From the recent Microsoft Teams outage ...
PKI Blog
RASP for NIST Flow chart

NIST Recognizes RASP as Critical to Lowering Risk

| | Application Security, NIST, rasp
The United States Congress ratified the Cybersecurity Framework set forth by the National Institute of Standards and Technology (NIST) in 2014 to standardize the practices and controls that mitigate constantly evolving cyberthreats ...
Blog
Full Framework

How to Leverage NIST Cybersecurity Framework for Data Integrity

| | Cybersecurity, IT Security and Data Protection, NCCoE, NIST
Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity: the property that ...
The State of Security
Load more