Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

NIST

What is OSCAL and Why Does It Matter for NIST and FedRAMP?

What is OSCAL and Why Does It Matter for NIST and FedRAMP? Complying with federal cybersecurity guidelines is a difficult task. Unfortunately, many contractors and cloud service providers take a rather lax view of compliance, and it’s an all-too-common scenario for a company to build up standards and practices for audit time and let them slip immediately thereafter until the lead-up to the next audit. Part of this is simply the immense complexity of cybersecurity.

NIST CSF V2: What's Hot and What's Not!

NIST is to the US government what The Watcher is to the Marvel universe. In theory, it should simply observe the world around it, but in reality, it responds to evolving threats through interference. Despite the buzz around the update to the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), you might find it hard to say that any compliance falls under the category of “hot.”

Implementing the NIST Cybersecurity Framework (CSF) 2.0 with AI augmented API Security

The updated NIST Cybersecurity Framework (CSF) 2.0 was published February 26, 2024. Previously, this content was also known as the “Framework for Improving Critical Infrastructure Cybersecurity.” As stated in the framework: In summary, the updated NIST Cybersecurity Framework is organized into the following functional categories.

How to Align Your Security Strategy with NIST Cybersecurity Framework 2.0

After a decade in the making – or waiting, as the case may be – the National Institute of Standards and Technology (NIST) has released the first major revision to its Cybersecurity Framework (CSF), a set of voluntary standards and best practices for managing cybersecurity risks. NIST CSF 2.0, released on Feb 26, 2024, expands the scope and applicability of the framework to cover more types of organizations and industries, including the private sector, government and nonprofits.

Salt Security, API Posture Governance, and the NIST Cybersecurity Framework 2.0

Securing organizations against today’s most advanced threats continues to be challenging, with APIs (Application Programming Interfaces)playing an increasingly central and vulnerable role, especially as digital transformation marches on. The NIST Cybersecurity Framework 2.0 (CSF) release underscores the urgency of addressing evolving threats and now emphasizes the importance of governance in Cybersecurity.

Snyk Learn and the NIST Cybersecurity Framework (CSF)

NIST (National Institute of Standards and Technology) recently released its revamped cybersecurity framework (CSF), aptly called NIST CSF 2.0. The CSF previously had five functions: Identify, Protect, Detect, Respond, and Recover. With 2.0, there is now a sixth: Govern. While Snyk plays an important role in application security and governance, in this blog, we're going to look at the function Snyk Learn plays in CSF 2.0: Protect.

NIST Supply Chain Security Guidance for CI/CD Environments

A CI/CD environment provides a foundation for the software delivery process by giving the ability to be deployed more quickly and without interruption. This notion, which is being automated and integrated, focuses on the CI/CD process. CI or continuous integration methodology, in other words, includes developers committing small changes to their code which gets authenticated, built, tested, and merged together to a common code repository, occurring on a constant basis.

Improving Security with Wallarm's NIST CSF 2.0 Dashboard

Ensuring the security of web applications and APIs is more critical than ever. With threats becoming increasingly prevalent and sophisticated, organizations need to employ comprehensive security measures to protect their digital assets. The NIST Cybersecurity Framework (CSF) 2.0 stands at the forefront of these efforts, offering a structured approach to managing cybersecurity risks.

Introducing NIST AI RMF: Monitor and mitigate AI risk

The pace and complexity of AI technologies is increasing every day. In this rapidly changing environment, it’s critical for companies to adopt a rigorous approach to safely and responsibly incorporating AI into their products and processes. ‍ That’s why we’re excited to announce that the NIST AI Risk Management Framework (RMF) is now available in beta.

Empowering DevSecOps: JFrog's Enterprise-Ready Platform for Federal NIST SP 800-218 Compliance

As an integrator or government agency providing mission-critical software, the question to ask yourself is “Is my software development environment NIST SP 800-218 compliant?”. Compliance with NIST SP 800-218 and the SSDF (Secure Software Development Framework) is mandatory, and it’s time to ensure your software supply chain is compliant.