Security standards
Run Ubuntu in high-security environments. Confidently deploy critical workloads while meeting rigorous cybersecurity standards like NIST 800-53, FedRAMP, and CMMC with Ubuntu Pro. As the publishers of Ubuntu, we’ve also developed automated hardening solutions enabling you to run Ubuntu in any environment.
Supported standards
FIPS
FIPS 140-2 & 140-3 certified modules are available for Ubuntu.
DISA-STIG
Simplify your DISA-STIG hardening process by taking advantage of the automation available with Ubuntu Security Guide (USG).
CIS
Harden your systems to CIS benchmark standards using the automation available with Ubuntu Security Guide (USG).
CRA
Learn how Canonical’s security vulnerability management program enables you to comply with the requirements of the Cyber Resilience Act.
NIST 800-53
Canonical provides hardening and compliance tools to help you meet NIST 800-53 requirements.
CMMC
Canonical provides hardening tools, FIPS 140 certified cryptographic modules, and timely vulnerability patching that enable CMMC compliance.
FedRAMP
Find security tools to help you achieve FedRAMP Authority To Operate.
PCI-DSS
Gain extra security and compliance guarantees needed to deploy applications in line with PCI-DSS requirements.
HIPAA
Canonical supports your path towards HIPAA compliance.
NIS2
Canonical can help you with your compliance needs related to EU NIS2.
UK Cyber Essentials
Achieve Cyber Essentials through our robust security patching and hardening tools.
Security compliance in action
Ubuntu Pro helps Lucid Software meet FedRAMP compliance for government contracts
By deploying Ubuntu Pro, Lucid acquired AWS-compatible and FIPS 140-2 certified packages and became FedRAMP compliant.
Read the case study ›
LaunchDarkly becomes the first FedRAMP-authorized feature management platform thanks to Ubuntu Pro
Learn how a SaaS provider achieved effortless FIPS compliance on AWS.
Read the case study ›
How New Mexico State University accelerates compliant federal research with Ubuntu
When the stakes are high and national security is on the line, every decision matters. Just ask the team at New Mexico State University’s Physical Science Laboratory (PSL).
Read the case study ›
Compliance everywhere
On-prem
Ubuntu Pro enables compliance on Ubuntu desktops and servers in private clouds, Virtual Machines, and air-gapped environments.
In the cloud
Get pre-hardened and compliant Ubuntu Pro images in the public cloud.
On the Edge
Take advantage of Ubuntu Core, our new immutable Ubuntu designed for IoT and Edge deployments withUbuntu Pro for Devices.
Resources
When an upstream change broke smartcard FIPS authentication – and how we fixed it
This is the story of how Canonical’s Support team provided bug-fix support: we tracked down an upstream change in OpenSC that inadvertently broke FIPS compatibility, coordinated with...
How to build DORA-ready infrastructure with verifiable provenance and reliable support
DORA requires organizations to know what they run, where it came from, and how it’s maintained. Learn how to build infrastructure with verifiable provenance.
Announcing FIPS 140-3 for Ubuntu Core22
FIPS compliance for IoT use cases in Federal space. In this article, we’ll explore what Ubuntu Core is, and how to use it with FIPS.
Everything you need to know about FIPS 140-3 on Ubuntu | Videos
We get a lot of questions about FIPS 140-3, and so we decided to put together this comprehensive collection of video resources to answer the most burning ones we’ve had so far.
Easily comply with the most
stringent security standards
with Ubuntu Pro
Ubuntu Pro provides an easy pathway to compliance. It delivers vulnerability patching for the entire Ubuntu Archive (Main and Universe repositories), along with automated, unattended, and restartless updates, and the best tools to secure and manage your Ubuntu infrastructure developed by the publisher of Ubuntu.