You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to https://csrc.nist.gov.

An official website of the United States government

Here’s how you know

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

CSRC MENU

Projects
Publications Expand or Collapse

Drafts for Public Comment

All Public Drafts

Final Pubs

FIPS (standards)

Special Publications (SPs)

IR (interagency/internal reports)

CSWP (cybersecurity white papers)

ITL Bulletins

Project Descriptions

Journal Articles

Conference Papers

Books
Topics Expand or Collapse

Security & Privacy

Applications

Technologies

Sectors

Laws & Regulations

Activities & Products
News & Updates
Events
Glossary
About CSRC Expand or Collapse
Computer Security Division
Applied Cybersecurity Division
Contact Us

Information Technology Laboratory

Computer Security Resource Center

Topics Security and Privacy security programs & operations

acquisition

Share to Facebook Share to X Share to LinkedIn Share ia Email

Related Events

De-mystifying Secure Software Development Webinar
June 23, 2020
Once seen as only tangential to cybersecurity planning, software security has recently emerged as a...

Second Workshop on Enhancing Resilience of the Internet and Communications Ecosystem
February 28, 2018 to March 1, 2018
This workshop will discuss substantive public comments, including open issues) on a draft report...

View All Events

Related News

NIST Releases SP 800-126 & SP 800-126A
December 11, 2025
NIST Releases Two Updated Security Content Automation Protocol (SCAP) Publications for Comment

New NIST Errata Update - C-SCRM
November 1, 2024
NIST has released an errata update to its foundational publication on managing cybersecurity risks...

NIST Publishes SP 800-218A
July 26, 2024
Today, NIST is releasing Special Publication (SP) 800-218A, Secure Software Development Practices...

NIST SP 800-218A Draft Available for Comment
April 29, 2024
NIST has posted an initial public draft of NIST Special Publication (SP) 800-218A, Secure Software...

Comment on NIST SP 800-79 Revision 3
December 13, 2023
The initial public draft (ipd) of SP 800-79r3 (Revision 3), Guidelines for the Authorization of PIV...

View All News

Related Publications

Technical Specification for SCAP Version 1.4
SP 800-126 Rev. 4 (Initial Public Draft)
December 11, 2025
Draft

Secure Software Development, Security, and Operations (DevSecOps) Practices
SP 1800-44 (Initial Preliminary Draft)
July 2025
Withdrawn

C-SCRM Practices for Systems and Organizations
SP 800-161 Rev. 1
May 2022 (includes updates as of 11-01-2024)
Final

Secure Software Development Practices for Generative AI and Dual-Use Foundation Models: An SSDF Community Profile
SP 800-218A
July 2024
Final

Secure Software Development Practices for Generative AI and Dual-Use Foundation Models
SP 800-218A (Initial Public Draft)
April 29, 2024
Withdrawn

View All Publications

Related Presentations

Identification and Use of Restricted and Sanctioned Entity Lists: Enhanced Vendor Vetting to Improve Acquisition Decisions
Presentation - January 29, 2025

Enhancing Cyber Supply Chain Assurance: A Discussion on the Secure Software Acquisition Guide
Panel - January 28, 2025

ACT-IAC Effort: Acquisition Community of Interest (COI) C-SCRM Acquisition Working Group (AWG)
Presentation - May 31, 2023

View All Presentations

Topics

Security and Privacy
Technologies
Applications
Laws and Regulations
Activities and Products
Sectors

Created June 08, 2016, Updated June 22, 2020

HEADQUARTERS
100 Bureau Drive
Gaithersburg, MD 20899

(link is external)
(link is external)
(link is external)
(link is external)
(link is external)
(link is external)

Want updates about CSRC and our publications? Subscribe

Send inquiries to [email protected]

Site Privacy
Accessibility
Privacy Program
Copyrights
Vulnerability Disclosure
No Fear Act Policy
FOIA
Environmental Policy
Scientific Integrity
Information Quality Standards
Commerce.gov
Science.gov
USA.gov
Vote.gov

CS Knowledge Base