NIST 800-171: Penetration testing and vulnerability scanning

In June 2015, NIST published Special Publication 800-171, focusing on the protection of controlled unclassified information (CUI). NIST developed this publication to further its statutory obligations under the Federal Information Security Modernization Act (FISMA) of 2014. Over the last five years, there have been a couple of revisions, and the latest … Continued

NIST Cybersecurity Framework Compliance

The first version of the NIST Cybersecurity Framework was published in 2014, and it was updated for the first time in April 2018. Although there have not been any substantial changes, there are a few new additions and clarifications. Appendix A of this framework is often called the Framework Core, and it is a twenty-page document that lists five functions – Identify, … Continued

What is NIST Penetration Testing?

Introduction: NIST (National Institute for Science & Technology) is a US Department of Commerce agency. Under the Federal Information Security Management Act of 2002 (FISMA), it is responsible for developing standards and guidelines for information security, including the prescription of minimum requirements for US federal information systems. Generally, the guidance documents published by NIST are more … Continued