Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:

Last updated: 8/1/2014 6:35:22 PM

CVE Publication rate: 17.5

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 6.81
About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

National Checklist Program

Checklist Program Participation Materials

This page contains current, up-to-date versions of documents and forms for participation in the NIST checklist program.

  • NIST Special Publication 800-70: Security Configuration Checklists for IT Products Program - This publication provides a high-level overview of the NIST checklist program and then provides more detailed information for users and developers. The forms and other documents listed below on this page are to be used for actual participation in the checklist program. The links below will contain more recent versions of those forms and documents.
  • Participation package - Version 2.1 - February, 2011 - a zipped package of all forms and documents needed for participation in the checklist program. This package does not include the 800-70 publication, which can be downloaded separately.
    • Blank Checklist Description Form - Version 2.1 - February, 2011 - This form contains a number of fields that, collectively, describe aspects of a checklist so that it can be cataloged and referenced within the checklist repository. The completed form must be no longer than 8400 characters (including spaces); this length restriction does not include the title page. This form must be completed before submitting a checklist to the checklist program.
    • Checklist Participation and Logo Usage Agreement - Version 1.3 - February, 2011 - This form contains the requirements for participating in the checklist program and for using the checklist program logo on IT product advertising materials; it must be signed and returned to NIST.
    • Checklist Program Operational Procedures - Version 1.2 - February, 2011 - This document is intended as a reference for organizations to while participating in the checklist program. It summarizes the operational procedures of the checklist program and outlines the nature of the interactions between NIST and checklist developers during the course of checklist development, review, listing on the checklist repository, and checklist maintenance.