Ubuntu goes through several rigorous security certifications and programs and these pages are dedicated to them. All certification artefacts are available with an Ubuntu Pro subscription.
FIPS 140
Federal Information Processing Standards Publications (FIPS) are issued by the National Institute of Standards and Technology (NIST). FIPS 140 specifies the security requirements for cryptographic modules. These requirements address the areas of secure design and implementation.
Ubuntu LTS releases starting with 16.04 (Xenial) come with FIPS validated cryptographic packages, including the Linux kernel and OpenSSL. The full list of packages and certificates is available here.
Ubuntu 22.04 LTS is being certified against the new FIPS 140-3 standard. The cryptographic modules are reviewed by an independent testing lab before being officially certified by NIST. The list of modules in the testing phase is here, and the list of modules undergoing certification by NIST is here.
CIS
Ubuntu LTS releases starting with 16.04 (Xenial) have compliance benchmark documents developed by the Center for Internet Security (CIS). Ubuntu with has developed the Ubuntu Security Guide to automate hardening Ubuntu LTS systems based off of the published CIS benchmarks. CIS benchmarks are available with the Ubuntu Security Guide for 22.04 LTS.
For more information see
- CIS Compliance with Ubuntu Security Guide for Ubuntu 20.04 and later
- CIS Compliance for Ubuntu 16.04 and 18.04.
DISA-STIG
Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu 22.04 is undergoing evaluation by DISA and when the STIG is produced it will be incorporated into the Ubuntu Security Guide.
Navigation
Documentation versions
Path | Version |
---|---|
2204 | 22.04 |
20.04 | |
16-18 | 16.04 / 18.04 |
Navigation
Level | Path | Navlink |
---|---|---|
0 | security-certifications | Security Certifications |
1 | fips | FIPS 140 |
2 | fips-enablement | Enabling FIPS |
2 | fips-updates | Security patching |
2 | fips-details | Detailed certification information |
2 | fips-cloud-containers | FIPS for clouds and containers |
2 | fips-devel | Developing for FIPS |
2 | fips-faq | FIPS FAQ |
1 | usg | Ubuntu Security Guide |
2 | usg/installation | Installation |
2 | usg/cis | CIS compliance |
3 | usg/cis/audit | Audit |
3 | usg/cis/compliance | Compliance |
3 | usg/cis/customization | Customization |
1 | disa-stig | DISA-STIG compliance |
2 | disa-stig/installation | Installation |
2 | disa-stig/audit | Audit |
2 | disa-stig/compliance | Compliance |
Redirects
Mapping table
Path | Location |
---|---|
/security/certifications/docs/cis-20-18-16 | /security/certifications/docs/16-18/cis |
/security/certifications/docs/cis-manual-requirements | /security/certifications/docs/16-18/cis/customization |
/security/certifications/docs/cis-ruleset-params | /security/certifications/docs/16-18/cis/customization2 |
/security/certifications/docs/cis-juju | /security/certifications/docs/16-18/cis/juju |
/security/certifications/docs/cis-18-16 | /security/certifications/docs/16-18/cis |
/security/certifications/docs/cc-16 | /security/certifications/docs/16-18/cc |
/security/certifications/docs/cc | /security/certifications/docs/16-18/cc |
/security/certifications/docs/fips-updates | /security/certifications/docs/fips |
/security/certifications/docs/fips-16 | /security/certifications/docs/16-18/fips |
/security/certifications/docs/cis-audit | /security/certifications/docs/usg/cis/audit |
/security/certifications/docs/cis-compliance | /security/certifications/docs/usg/cis/compliance |
/security/certifications/docs/cis | /security/certifications/docs/usg/cis |