CIS compliance

CIS compliance with Ubuntu LTS

Ubuntu contains native tooling to automate compliance and auditing with the Center for Internet Security (CIS) benchmarks. The Center for Internet Security (CIS), develops the CIS benchmark documents for Ubuntu LTS releases. As these documents contain a large number of hardening rules, compliance and auditing can be very efficient when using the Ubuntu native tooling that is available to subscribers of Ubuntu Advantage.

With Ubuntu 20.04 we introduce the Ubuntu Security Guide (USG) an easy to use tool for compliance and auditing that replaces our older tooling. See the following sections for more information.

Ubuntu 20.04 LTS

Ubuntu 16.04 and 18.04 LTS

Available CIS profiles

At the time of writing the following CIS profiles are automated with the native Ubuntu tooling.

Ubuntu release CIS profile version
20.04 LTS 1.0.0
18.04 LTS 2.0.1
16.04 LTS 1.1.0

The version of the profiles is tied to the specific release they apply and are not related, nor can be compared across releases.

Tutorials

Get the latest updates

A mailing list is used to announce patches and news related to the CIS packages and certifications.
To request to join the mailing list, please send “join” in the email body to ubuntu-certs-announce-request@lists.canonical.com.
Announcements will be sent to the email address ubuntu-certs-announce@lists.canonical.com from an “@canonical.com” email address.