The FREE Cybersecurity Glossary by Thor Pedersen!

NIST SP 800-37: NIST Special Publication 800-37 presents guidelines for applying the Risk Management Framework to federal information systems. It includes processes for identifying and classifying information system assets, identifying relevant threats, determining risk, selecting and implementing appropriate controls, and documenting the process. The goal is to provide a structured and scalable approach for managing risk to information systems and to promote near real-time risk management.

NIST SP 800-53 Rev 5: NIST Special Publication 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," provides a comprehensive set of security and privacy controls for federal information systems and organizations. It includes controls to address diverse requirements derived from federal laws, executive orders, policies, directives, regulations, standards, and mission/business needs.

NIST SP 800-55: NIST Special Publication 800-55 provides guidelines for measuring the performance of information security policies and technologies within federal information systems. These guidelines help organizations to develop, select, and implement metrics to improve the efficiency and effectiveness of security control measures.

NIST SP 800-61: NIST Special Publication 800-61 offers best practices for computer security incident handling, including preparation, detection, analysis, containment, recovery, and user response. It is designed to assist organizations in establishing effective incident response capabilities to promptly handle various types of cybersecurity incidents.

NIST SP 800-63: A special publication by NIST that provides technical guidelines for digital identity services. It covers identity proofing, authentication, and federation, outlining standards for ensuring the security and privacy of online identities.

NIST SP 800-70: NIST Special Publication 800-70 provides guidelines for the development, selection, and implementation of security configuration checklists. It is designed to guide organizations in establishing and maintaining secure configurations for their operating systems, software applications, and network devices to reduce vulnerabilities and mitigate potential threats.