nist
Safeguard articles tagged "nist" — guides, analysis, and best practices for software supply chain and application security.
22 articles
NIST NVD Recovery: The New Consortium Reshaping Vulnerability Data
After months of processing backlogs and community frustration, NIST announces a new consortium to modernize and sustain the National Vulnerability Database.
Post-Quantum Cryptography Transition: A Practical Guide for Engineering Teams
NIST has finalized its post-quantum standards. Here's a hands-on guide for engineering teams beginning the migration from classical to quantum-resistant cryptography.
NIST NVD Slowdown: What the Vulnerability Enrichment Backlog Means for Security Teams
NIST's National Vulnerability Database nearly stopped enriching CVEs in early 2024, creating a growing backlog that left security teams without the severity scores and metadata they depend on.
NIST Cybersecurity Framework 2.0: What Changed and Why It Matters
NIST CSF 2.0 introduces a new Govern function and expands supply chain risk management. Here's what security teams need to know.
Government Contractor SBOM Compliance: Meeting Federal Requirements
Federal agencies are mandating SBOMs from their software suppliers. If you sell software to the government, here's what compliance looks like.
NIST SSDF v1.1: Practical Adoption Notes
NIST SP 800-218 became the de facto baseline for federal software attestation in 2023. Here is how to adopt SSDF v1.1 without drowning in paperwork.
Telecommunications Supply Chain Security: Protecting Critical Infrastructure
Telecom networks are critical infrastructure that depend on complex software supply chains. Here's how carriers and equipment providers should approach security.
NIST CSF Updates Put Supply Chain Risk Management Front and Center
NIST's 2022 updates to the Cybersecurity Framework signal a major shift: supply chain risk management is no longer optional — it's a core pillar.
NIST SP 800-218 (SSDF) Final Publication: What It Means for Your Organization
NIST finalized the Secure Software Development Framework in February 2022. If you sell software to the US government — or plan to — compliance is no longer optional.
NIST SSDF Framework: A Practical Guide
The Secure Software Development Framework (SSDF) is becoming the baseline for federal software security. Here's what it contains and how to implement it.