| CARVIEW |
This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Here’s how you know
Official websites use .gov
A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
Current Publications
-
NIST Series Pubs
- Final Pubs
- Drafts Open for Comment
- Drafts (all)
- View By Series
- Other Pubs
Public Drafts: Current list of all draft NIST cybersecurity documents--they are typically posted for public comment. "Current" public drafts are the latest draft versions that have not yet been published as "Final." FIPS: Current Federal Information Processing Standard Publications (FIPS). Includes current (Final and Draft) FIPS.
SP 800 Series: Current NIST Special Publication (SP) 800 series publications, which focus on Computer/Information Security. Includes current (Final and Draft) SP 800 pubs.
All SP Series: Current NIST Special Publications (SP), including SP 800 (Computer/Information Security) and SP 1800 (Cybersecurity Practice Guides) pubs. Also includes SP 500 (Computer Systems Technology) pubs related to cybersecurity and privacy. Includes current (Final and Draft) NIST Special Publications.
NISTIRs: Current list of NIST Interagency or Internal Reports (NISTIR) related to cybersecurity and privacy. Includes current (Final and Draft) NISTIRs.
ITL Bulletins: Current list of NIST Information Technology Laboratory (ITL) Bulletins. White Papers: Consists of NIST Cybersecurity White Papers; NCCoE Project Descriptions, Building Blocks and Use Cases; and other NIST-authored papers that are not part of a formal series. Includes current (Final and Draft) papers.
Journal Articles: NIST-authored articles published in external journals and in the NIST Journal of Research (JRES).
Conference Papers: NIST-authored conference papers related to cybersecurity and privacy.
Books: NIST-authored books, book sections, and encyclopedia entries related to cybersecurity and privacy.
Drafts Open for Comment
Many of NIST's cybersecurity and privacy publications are posted as drafts for public comment. Comment periods are still open for the following publications. Select the publication title to access downloads, related content, and instructions for submitting comments. Your thoughtful reviews and comments are greatly appreciated and help us to improve our standards and guidance.
Also see a complete list of public drafts that includes those whose comment periods have closed.
| Comments Due | Series | Number | Title Publications |
|---|---|---|---|
| 10/03/2025 | IR | 8536 |
Comments Due: 10/03/2025
The NIST National Cybersecurity Center of Excellence (NCCoE) has released a second public draft of NIST Internal Report 8536, Supply Chain Traceability: Manufacturing Meta-Framework, for public comment. We thank everyone who submitted comments on the initial draft. Your thoughtful feedback prompted... |
| 10/10/2025 | CSWP | 37B |
Comments Due: 10/10/2025
The Cryptographic Module Validation Program (CMVP) validates third-party assertions that cryptographic module implementations satisfy the requirements of Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules. The NIST National... |
| 10/20/2025 | CSWP | 48 |
Comments Due: 10/20/2025
The project is designed to support and align with key NIST cybersecurity frameworks and security controls. Specifically, the project’s capabilities are informed by and mapped to the security objectives and controls outlined in two important NIST documents: NIST Cybersecurity Framework 2.0 (CSF... |
| 10/31/2025 | IR | 8259 Rev. 1 |
Comments Due: 10/31/2025
This document describes recommended activities related to cybersecurity for manufacturers, spanning pre-market and post-market, to help them develop products that meet their customers’ needs and expectations for cybersecurity. This second public draft builds on changes made in the first draft and... |
| 11/04/2025 | SP | 800-90A Rev. 2 |
Comments Due: 11/04/2025
SP 800-90A Rev. 2
PRE-DRAFT Call for Comments: Recommendation for Random Number Generation Using Deterministic Random Bit Generators NIST Special Publication (SP) 800-90Ar1 (Revision 1), Recommendation for Random Number Generation Using Deterministic Random Bit Generators (DRBGs), provides guidelines for generating cryptographically secure random numbers using deterministic methods. This recommendation specifies approved DRBG... |
| 11/14/2025 | IR | 8588 |
Comments Due: 11/14/2025
This draft proposes a NIST-hosted database of community-contributed descriptions of differential privacy (DP) deployments. DP is a mathematical definition of privacy, and DP deployments are computer systems that add calibrated noise to data to protect the privacy of individuals. Since DP is being... |
| 11/14/2025 | SP | 800-172 Rev. 3 |
Comments Due: 11/14/2025
As part of ongoing efforts to strengthen the protections for securing controlled unclassified information (CUI) in nonfederal systems, NIST has released the following drafts for comment: SP 800-172r3 (Revision 3) fpd (final public draft), Enhanced Security Requirements for Protecting Controlled... |
| 11/14/2025 | SP | 800-172A Rev. 3 |
Comments Due: 11/14/2025
As part of ongoing efforts to strengthen the protections for securing controlled unclassified information (CUI) in nonfederal systems, NIST has released the following drafts for comment: SP 800-172r3 (Revision 3) fpd (final public draft), Enhanced Security Requirements for Protecting Controlled... |
| 11/17/2025 | IR | 8183 Rev. 2 |
Comments Due: 11/17/2025
The Manufacturing Profile is aligned with manufacturing sector goals and industry best practices and can be used as a roadmap for reducing cybersecurity risk for manufacturers. The Manufacturing Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing... |
Current Publications
-
NIST Series Pubs
- Final Pubs
- Drafts Open for Comment
- Drafts (all)
- View By Series
- Other Pubs
Public Drafts: Current list of all draft NIST cybersecurity documents--they are typically posted for public comment. "Current" public drafts are the latest draft versions that have not yet been published as "Final." FIPS: Current Federal Information Processing Standard Publications (FIPS). Includes current (Final and Draft) FIPS.
SP 800 Series: Current NIST Special Publication (SP) 800 series publications, which focus on Computer/Information Security. Includes current (Final and Draft) SP 800 pubs.
All SP Series: Current NIST Special Publications (SP), including SP 800 (Computer/Information Security) and SP 1800 (Cybersecurity Practice Guides) pubs. Also includes SP 500 (Computer Systems Technology) pubs related to cybersecurity and privacy. Includes current (Final and Draft) NIST Special Publications.
NISTIRs: Current list of NIST Interagency or Internal Reports (NISTIR) related to cybersecurity and privacy. Includes current (Final and Draft) NISTIRs.
ITL Bulletins: Current list of NIST Information Technology Laboratory (ITL) Bulletins. White Papers: Consists of NIST Cybersecurity White Papers; NCCoE Project Descriptions, Building Blocks and Use Cases; and other NIST-authored papers that are not part of a formal series. Includes current (Final and Draft) papers.
Journal Articles: NIST-authored articles published in external journals and in the NIST Journal of Research (JRES).
Conference Papers: NIST-authored conference papers related to cybersecurity and privacy.
Books: NIST-authored books, book sections, and encyclopedia entries related to cybersecurity and privacy.