DISA News

• DISA is scheduled to sunset the Defense Collaboration Services for non-classified Internet Protocol Router Network on September 1, 2021

STIG Updates

• Trend Micro TippingPoint STIG Released
• SRG/STIG Library Compliance Update
• Unclassified Application STIGs Updated
• Unclassified Network STIGs and SRGs Updated
• Unclassified Operating Systems STIGs and Overviews Updated
• CUI HBSS STIGs Updated
• Supplemental Automation Content Updated
• Sunset – Adobe ColdFusion 11 STIG Ver 2, Rel 1
• Benchmarks Updated

NIST News

Announcements:

• NCCoE final Project Description for “Data Classification Practices: Facilitating Data-Centric Security.”
• NIST has finalized the Project Description for the “Automation of the Cryptographic Module Validation Program (CMVP).”

Special Publications & Updates:

• Draft SP 800-53A Revision 5, “Assessing Security and Privacy Controls in Information Systems and Organizations,”
• NISTIR 8319, “Review of the Advanced Encryption Standard,”
• NISTIR 8369, “Status Report on the Second Round of the NIST Lightweight Cryptography Standardization Process.”
• SP 800-47 Revision 1, “Managing the Security of Information Exchanges.”
• 2nd Draft NISTIR 8286A: “Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management.”

NIAP News

Updates:

• None

Protection Profile Posting:

• NIAP is calling for Technical Community (TC) participants to review the VPN Client and VPN Gateway (GW) Protection Profile (PP) Modules

DISA News

• None

STIG Updates

• Samsung SDS EMM
• Zebra Android 10

NIST News

Announcements:

• None

Special Publications & Updates:

• Draft NISTIR 8270, “Introduction to Cybersecurity for Commercial Satellite Operations”
• NIST Cybersecurity White Paper, “Combinatorial Coverage Difference Measurement”
• NISTIR 8320A, “Hardware-Enabled Security: Container Platform Security Prototype”
• Draft NISTIR 8335, “Identity as a Service for Public Safety”
• NIST has released OSCAL 1.0.0
• Draft NISTIR 8336, “Background on Identity Federation Technologies for the Public Safety Community”
• Draft NISTIR 8374, “Cybersecurity Framework Profile for Ransomware Risk Management”
• Draft NIST Special Publication (SP) 800-216, “Recommendations for Federal Vulnerability Disclosure Guidelines”
• Draft Project Description, “Migration to Post-Quantum Cryptography”
• Draft NISTIR 8334, “Using Mobile Device Biometrics for Authenticating First Responders”

NIAP News

Updates:

• Policy #5 Frequently Asked Questions & Certificate Reporting Template have been updated

Protection Profile Posting:

• Virtualization Protection Profile, Version 1.1 (VIRTUALIZATION PP)
• PP-Module for Client Virtualization, Version 1.1 (CV PP-Module)
• PP-Module for Server Virtualization, Version 1.1 (SV PP-Module)

DISA News

• DISA continues to work towards implementation of the DISA Strategic Plan FY 2019-2022 Version 2, released in December of 2020.
• Assessment Requirements for IT services will now be placed in DISA contracts as outlined by a new directive from the Head of DISA contracting activity, Douglas W. Packard

STIG Updates

• DISA has released the SLES 15 Security Technical Implementation Guide (STIG) for review
• DISA has released the Honeywell Android 9.X Security Technical Implementation Guide (STIG) for review
• DISA has updated the SRG/STIG Library Compilations
• Group Policy Objects (GPO) have been updated
• 2021 Q1 Quarterly Release of STIGs
• DISA has released the Draft Cisco ASA Security Technical Implementation Guide (STIG) for review
• DISA has released the Draft Red Hat Enterprise Linux (RHEL) 8 Security Technical Implementation Guide (STIG) SCAP Benchmark for review

NIST News

Announcements:

• (None)

Special Publications & Updates:

• Draft NIST Special Publication (SP) 800-204B, Attribute-based Access Control for Microservices-based Applications using a Service Mesh
• New documents and information has been posted for the NIST Special Publication (SP) 800-53, Revision 5, Security and Privacy Controls for Information Systems and Organizations, and NIST SP 800-53B, Control Baselines for Information Systems and
• NIST Draft Special Publication (SP) 800-47 Revision 1, Managing the Security of Information Exchanges
• NISTIR 832 for the Cybersecurity for Internet of Things program

NIAP News

Updates:

• (None)

Protection Profile Posting:

• PP-Module for VPN Clients (VPN), Version 2.2

Connect With Us:

Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – Subscribe