NIST Archives

Dems want watchdog study of two troubled federally-funded vulnerability tracking initiatives

The CVE program publishes standardized information about known cyber vulnerabilities, while the NVD is a storehouse for vulnerability management data.

Jun 11, 2025 By Tim Starks

Unverified code is the next national security threat

Congress and federal agencies can take some simple steps to better protect open-source software.

Jun 9, 2025 By Dan Lorenc

Sens. James Lankford, R-Okla., left, and Mark Warner, D-Va., head for votes at the Capitol on Feb. 18, 2025 in Washington, D.C. (Photo by Chip Somodevilla/Getty Images)

Senators take another swing at vulnerability disclosure policy bill for federal contractors

Sens. Warner and Lankford reintroduced their VDP bill after a companion version passed the House in March.

May 23, 2025 By Matt Bracken

Quantum computer threat spurring quiet overhaul of internet security

Cryptography experts said a “Cambrian explosion” of standards is on its way as a response to worries over quantum computers breaking current algorithms.

May 1, 2025 By Greg Otto

CISA reverses course, extends MITRE CVE contract

While the last-minute extension averts an immediate lapse in support, rival organizations are being stood up to supplant the global vulnerability system.

Apr 16, 2025 By Derek B. Johnson

A logo sign outside of the headquarters of Ivanti in South Jordan, Utah. (Kristoffer Tripplaar / Alamy Stock Photo)

Is Ivanti the problem or a symptom of a systemic issue with network devices?

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

Apr 14, 2025 By Matt Kapko

Infosec pros: We need CVSS, warts and all

The Common Vulnerability Scoring System has a lot of critics, but experts say it’s still the best unified way to share the severity of cybersecurity flaws.

Feb 5, 2025 By Cynthia Brumfield

Google smart home devices were demonstrated during the Consumer Electronics Show in Las Vegas on Jan. 5, 2023. (Photo by Patrick T. Fallon/AFP/Getty Images)

White House launches cybersecurity label program for consumers

The White House announced Tuesday the official launch of the U.S. Cyber Trust Mark, a cybersecurity labeling initiative aimed at enhancing the security of internet-connected devices. The…

Jan 7, 2025 By Greg Otto

Agencies push for digital transformation amid security challenges

Federal agencies are accelerating digital transformation efforts to meet public expectations and comply with mandates, but transitioning securely to platforms like Salesforce often requires specialized help, according…

Nov 13, 2024 By Scoop News Group

NIST’s Cherilyn Pascoe on what types of cybersecurity attacks agencies face

Cherilyn Pascoe | Director, National Cybersecurity Center of Excellence | NIST

Nov 5, 2024 By Scoop News Group