Compliance automation

Ubuntu Pro simplifies security compliance burden for frameworks such as NIST CSF, FedRAMP, PCI-DSS, ISO27001, or CIS Benchmarks. Pro includes security vulnerability patching for up to 12 years, FIPS-validated cryptographic modules, and automated system hardening for CIS Benchmarks and DISA STIG. You can deploy it on-premise or in the public cloud.

Ubuntu Security Guide

The default configuration of Ubuntu balances usability and security. However, you can further harden systems carrying dedicated workloads to reduce their attack surface. Canonical provides the Ubuntu Security Guide to automatically harden systems to DISA STIG and CIS benchmarks profiles and generate audit reports. It’s available with Ubuntu Pro on-premise or ready-built on public clouds.

• Ubuntu Security Guide (USG)

FIPS-certified packages

Ubuntu Pro provides access to FIPS 140 certified cryptographic packages, so you can deploy workloads that need to operate under compliance regimes like FedRAMP, HIPAA, and PCI-DSS. Canonical works with NIST-approved testing labs to certify the core cryptographic modules within Ubuntu for FIPS 140 requirements. This enables applications to use these libraries in compliance with the FIPS standard.

• FIPS 140 for Ubuntu