The National Institute of Standards and Technology released an update of Special Publication (SP) 800-128, “Guide for Security-Focused Configuration Management of Information Systems,” which provides guidelines for organizations responsible for managing and administering the security of federal systems and associated environments of operation.
The guide focuses on the implementation of system security aspects of configuration management, and as such, the term “security-focused configuration management” (SecCM) is used to emphasize the concentration on information security, NIST said.
NIST released an errata update to reflect changes that have occurred in technology, terminology, and references since the document’s original publication in 2011. No significant or technical changes were made to the recommended guidance for SecCM.
Publication details:
https://csrc.nist.gov/publications/detail/sp/800-128/final