Ubuntu goes through several rigorous security certifications and programs to meet common compliance requirements. All these security features are available with an Ubuntu Pro subscription.
FIPS 140-3
Federal Information Processing Standards Publications (FIPS) are issued by the National Institute of Standards and Technology (NIST). FIPS 140 specifies the security requirements for cryptographic modules. These requirements address the areas of secure design and implementation.
Ubuntu LTS releases have optional FIPS validated cryptographic packages, including the Linux kernel and OpenSSL, which are available with Ubuntu Pro. The full list of packages and certificates is available here.
Ubuntu 22.04 LTS is being certified against the new FIPS 140-3 standard. The cryptographic modules are reviewed by an independent testing lab before being officially certified by NIST. The list of modules in the testing phase is here, and the list of modules undergoing certification by NIST is here.
CIS
Ubuntu LTS releases have compliance benchmark documents developed by the Center for Internet Security (CIS). Ubuntu has developed the Ubuntu Security Guide to automate hardening Ubuntu LTS systems based off of the published CIS benchmarks. CIS benchmarks are available with the Ubuntu Security Guide for 22.04 LTS.
For more information see
- CIS Compliance with Ubuntu Security Guide for Ubuntu 20.04 and later
- CIS Compliance for Ubuntu 16.04 and 18.04.
DISA-STIG
Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu 22.04 is undergoing evaluation by DISA and when the STIG is produced it will be incorporated into the Ubuntu Security Guide.
Navigation
Documentation versions
| Path | Version |
|---|---|
| 2204 | 22.04 |
| 20.04 | |
| 16-18 | 16.04 / 18.04 |
Navigation
| Level | Path | Navlink |
|---|---|---|
| 0 | security-certifications | Security Certifications |
| 1 | fips | [FIPS 140-3] (FIPS for Ubuntu 22.04) |
| 1 | usg | Ubuntu Security Guide |
| 2 | usg/installation | Installation |
| 2 | usg/cis | CIS compliance |
| 3 | usg/cis/audit | Audit |
| 3 | usg/cis/compliance | Compliance |
| 3 | usg/cis/customization | Customization |
| 1 | disa-stig | DISA-STIG compliance |
| 2 | disa-stig/installation | Installation |
| 2 | disa-stig/audit | Audit |
| 2 | disa-stig/compliance | Compliance |
Redirects
Mapping table
| Path | Location |
|---|---|
| /security/certifications/docs/cis-20-18-16 | /security/certifications/docs/16-18/cis |
| /security/certifications/docs/cis-manual-requirements | /security/certifications/docs/16-18/cis/customization |
| /security/certifications/docs/cis-ruleset-params | /security/certifications/docs/16-18/cis/customization2 |
| /security/certifications/docs/cis-juju | /security/certifications/docs/16-18/cis/juju |
| /security/certifications/docs/cis-18-16 | /security/certifications/docs/16-18/cis |
| /security/certifications/docs/cc-16 | /security/certifications/docs/16-18/cc |
| /security/certifications/docs/cc | /security/certifications/docs/16-18/cc |
| /security/certifications/docs/fips-updates | /security/certifications/docs/fips |
| /security/certifications/docs/fips-16 | /security/certifications/docs/16-18/fips |
| /security/certifications/docs/cis-audit | /security/certifications/docs/usg/cis/audit |
| /security/certifications/docs/cis-compliance | /security/certifications/docs/usg/cis/compliance |
| /security/certifications/docs/cis | /security/certifications/docs/usg/cis |