Security standards
Run Ubuntu in high-security environments. Confidently deploy critical workloads while meeting rigorous cybersecurity standards like NIST 800-53, FedRAMP, and CMMC with Ubuntu Pro. As the publishers of Ubuntu, we’ve also developed automated hardening solutions enabling you to run Ubuntu in any environment.
Supported standards
FIPS
FIPS 140-2 & 140-3 certified modules are available for Ubuntu.
DISA-STIG
Simplify your DISA-STIG hardening process by taking advantage of the automation available with Ubuntu Security Guide (USG).
CIS
Harden your systems to CIS benchmark standards using the automation available with Ubuntu Security Guide (USG).
CRA
Learn how Canonical’s security vulnerability management program enables you to comply with the requirements of the Cyber Resilience Act.
NIST 800-53
Canonical provides hardening and compliance tools to help you meet NIST 800-53 requirements.
CMMC
Canonical provides hardening tools, FIPS 140 certified cryptographic modules, and timely vulnerability patching that enable CMMC compliance.
FedRAMP
Find security tools to help you achieve FedRAMP Authority To Operate.
PCI-DSS
Gain extra security and compliance guarantees needed to deploy applications in line with PCI-DSS requirements.
Security compliance in action
Ubuntu Pro helps Lucid Software meet FedRAMP compliance for government contracts
By deploying Ubuntu Pro, Lucid acquired AWS-compatible and FIPS 140-2 certified packages and became FedRAMP compliant.
Read the case study ›
LaunchDarkly becomes the first FedRAMP-authorized feature management platform thanks to Ubuntu Pro
Learn how a SaaS provider achieved effortless FIPS compliance on AWS.
Read the case study ›
How New Mexico State University accelerates compliant federal research with Ubuntu
When the stakes are high and national security is on the line, every decision matters. Just ask the team at New Mexico State University’s Physical Science Laboratory (PSL).
Read the case study ›
Compliance everywhere
On-prem
Ubuntu Pro enables compliance on Ubuntu desktops and servers in private clouds, Virtual Machines, and air-gapped environments.
In the cloud
Get pre-hardened and compliant Ubuntu Pro images in the public cloud.
On the Edge
Take advantage of Ubuntu Core, our new immutable Ubuntu designed for IoT and Edge deployments with Ubuntu Pro for Devices.
Resources
What is System Hardening? Essential Checklists from OS to Applications
Hardening a system aims to decrease its exposure to make it difficult to hack, and to lessen the potential collateral damage in the event of a compromise.
Hardening automation for CIS benchmarks now available for Ubuntu 24.04 LTS
We’re pleased to release Ubuntu Security Guide profiles for CIS benchmarks.
What is Application Security (AppSec)?
Application security (or AppSec, for short) is a broad term that refers to all of the tools, actions, and processes that an organization uses to protect its applications against vulnerabilities...
NIS2 合规综合指南:第 1 部 — 了解 NIS2 及其范围
欧盟 NIS2 指令呼吁加强整个欧盟的网络安全,目前已在所有成员国生效。在这个由三部分组成的博客系列中,我将解释 NIS2 是什么,并帮助您了解它是否适用于贵公司,以及如何才能符合 NIS2。 在第一部分中,我将介绍 NIS2 是什么以及其与其前身 NIS 的区别和适用性,帮助您理解并判断它是否与您的公司相关。 NIS2简介 欧盟指令 2022/2555...
Easily comply with the most stringent security standards with Ubuntu Pro
Ubuntu Pro provides an easy pathway to compliance. It delivers CVE patching for Ubuntu OS and Applications covering 36,000 packages, along with automated, unattended, and restartless updates, and the best tools to secure and manage your Ubuntu infrastructure developed by the publisher of Ubuntu.