[Webinar] Learn how to a build a cloud-first strategyRegister Now


Code Repository that's NIST 800-53 compliant

Posted on 2011-10-17
Medium Priority
Last Modified: 2013-11-13
For code repositories, I've been a user of first, CVS, and then SVN for the past 6 years.  Because it's open source, my company needs to replace it with a code repository that is NIST 800-53 compliant.  Does anyone have any suggestions?  I know anything from Microsoft meets NIST standards but I'm not a fan of using Microsoft for everything.


Question by:Molly Fagan
  • 2
  • 2

Expert Comment

ID: 36985149
You might check Perforce (http://perforce.com) or Mercurial (http://mercurial.selenic.com).  Neither website mentions NIST compliance, however.

Author Comment

by:Molly Fagan
ID: 36985911
Thanks for the response.  Mecurial isn't considered NIST compliant because of it being open source.  In doing research, I hadn't stumbled across Perforce--do you use it?

Accepted Solution

eager earned 1000 total points
ID: 36986001
I have used Perforce, but only a little.  One of my clients used it for their SCM. It appeared to be a good quality package. I've talked with Perforce reps at trade shows and they seem knowledgeable.  It does use a different terminology than I am used to, so there was a bit of a learning curve.

I'm not familiar with NIST 800-53 (and Wikipedia is not very enlightening).  I would be disappointed to hear that open source programs are, by definition, not compliant.  Proprietary does not equate to better quality or more secure.  

Author Comment

by:Molly Fagan
ID: 36986064
My company is still learning all of the NIST rules.  I probably should have worded my question differently and asked what federal contractors are using.

I'm disappointed that open source programs aren't compliant either but from what I understand, it's because of going through the code review per NIST, etc.  I'm not 100% that's the reason but that's what I've been able to gather.  I love using Subversion, would prefer to move to GIT, but those aren't options.

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
We live in a world of interfaces like the one in the title picture. VBA also allows to use interfaces which offers a lot of possibilities. This article describes how to use interfaces in VBA and how to work around their bugs.
Starting up a Project
Screencast - Getting to Know the Pipeline

865 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question