Security standards

Run Ubuntu in high-security environments. Confidently deploy critical workloads while meeting rigorous cybersecurity standards like NIST 800-53, FedRAMP, and CMMC with Ubuntu Pro. As the publishers of Ubuntu, we’ve also developed automated hardening solutions enabling you to run Ubuntu in any environment.

FIPS 140-3 is now available for Ubuntu 22.04 LTS. Learn more

Supported standards

  • FIPS

    FIPS 140-2 & 140-3 certified modules are available for Ubuntu.

  • DISA-STIG

    Simplify your DISA-STIG hardening process by taking advantage of the automation available with Ubuntu Security Guide (USG).

  • CIS

    Harden your systems to CIS benchmark standards using the automation available with Ubuntu Security Guide (USG).

  • CRA

    Learn how Canonical’s security vulnerability management program enables you to comply with the requirements of the Cyber Resilience Act.

  • NIST 800-53

    Canonical provides hardening and compliance tools to help you meet NIST 800-53 requirements.

  • CMMC

    Canonical provides hardening tools, FIPS 140 certified cryptographic modules, and timely vulnerability patching that enable CMMC compliance.

  • FedRAMP

    Find security tools to help you achieve FedRAMP Authority To Operate.

  • PCI-DSS

    Gain extra security and compliance guarantees needed to deploy applications in line with PCI-DSS requirements.


Security compliance in action

Lucid Software

Ubuntu Pro helps Lucid Software meet FedRAMP compliance for government contracts

By deploying Ubuntu Pro, Lucid acquired AWS-compatible and FIPS 140-2 certified packages and became FedRAMP compliant.


Read the case study ›
LaunchDarkly

LaunchDarkly becomes the first FedRAMP-authorized feature management platform thanks to Ubuntu Pro

Learn how a SaaS provider achieved effortless FIPS compliance on AWS.


Read the case study ›
New Mexico State University

How New Mexico State University accelerates compliant federal research with Ubuntu

When the stakes are high and national security is on the line, every decision matters. Just ask the team at New Mexico State University’s Physical Science Laboratory (PSL).


Read the case study ›

Compliance everywhere


On-prem

Ubuntu Pro enables compliance on Ubuntu desktops and servers in private clouds, Virtual Machines, and air-gapped environments.


In the cloud

Get pre-hardened and compliant Ubuntu Pro images in the public cloud.


On the Edge

Take advantage of Ubuntu Core, our new immutable Ubuntu designed for IoT and Edge deployments with Ubuntu Pro for Devices.


Resources

What is System Hardening? Essential Checklists from OS to Applications

Hardening a system aims to decrease its exposure to make it difficult to hack, and to lessen the potential collateral damage in the event of a compromise.

Hardening automation for CIS benchmarks now available for Ubuntu 24.04 LTS

We’re pleased to release Ubuntu Security Guide profiles for CIS benchmarks.

What is Application Security (AppSec)?

Application security (or AppSec, for short) is a broad term that refers to all of the tools, actions, and processes that an organization uses to protect its applications against vulnerabilities...

NIS2 合规综合指南:第 1 部 — 了解 NIS2 及其范围

欧盟 NIS2 指令呼吁加强整个欧盟的网络安全,目前已在所有成员国生效。在这个由三部分组成的博客系列中,我将解释 NIS2 是什么,并帮助您了解它是否适用于贵公司,以及如何才能符合 NIS2。 在第一部分中,我将介绍 NIS2 是什么以及其与其前身 NIS 的区别和适用性,帮助您理解并判断它是否与您的公司相关。 NIS2简介 欧盟指令 2022/2555...


Easily comply with the most
stringent security standards
with Ubuntu Pro

Ubuntu Pro provides an easy pathway to compliance. It delivers CVE patching for Ubuntu OS and Applications covering 36,000 packages, along with automated, unattended, and restartless updates, and the best tools to secure and manage your Ubuntu infrastructure developed by the publisher of Ubuntu.


Contact us Learn more about Pro ›