Dedicated to the security of Ubuntu

Since its inception in 2004, Ubuntu has been built on a foundation of enterprise-grade, industry leading security practices. From our toolchain to the suite of packages we use and from our update process to our industry standard certifications, Canonical never stops working to keep Ubuntu at the forefront of safety and reliability.

Watch the Ubuntu cybersecurity webinar Contact us

Need information about the CRA? Canonical is committed to delivering Cyber Resilience Act (CRA) compliant Ubuntu. To learn more, contact our sales team.

Secure out of the box

All Canonical products are built with unrivalled security in mind — and tested to ensure they deliver it. Your Ubuntu software is secure from the moment you install it, and will remain so as Canonical ensures security updates are always available on Ubuntu first.

Learn more about Ubuntu’s security features

Hardening at scale

The default configuration of Ubuntu LTS releases balances between usability, performance and security. However, non general purpose systems can be further hardened to reduce their attack surface. Canonical provides certified tooling for automated audit and hardening. Comply with widely accepted industry hardening profiles, including CIS and DISA-STIG.

Learn more about hardening Ubuntu ›

Certified compliance

Canonical offers a range of tools to enable organisations to manage their desktop fleet and cloud with specific compliance requirements. A FIPS (Federal Information Processing Standard) certified version of Ubuntu is also available to comply to US government standards.

Learn more about Ubuntu with FIPS 140 ›

Cybersecurity and Compliance with Ubuntu

Learn about cybersecurity and zero trust as well as the common challenges faced in the implementation of cybersecurity programs, including challenges in vulnerability management, secure configuration of software and defenses against malware. See how Canonical and Ubuntu can help manage these challenges and lay the software foundation of a successful cybersecurity program.

Contact us

Find out more

Canonical puts security at the heart of Ubuntu

  • Fast fixes

    No system is 100% secure and vulnerabilities will always arise. What matters is the speed and success with which they are resolved — and nobody makes fixes available faster than Canonical.

  • Automatic updates

    Security updates are provided for ten years for long term support (LTS) releases. With the default configuration for unattended upgrades (16.04 and after), these updates get applied to your system automatically.

  • Livepatch

    The Ubuntu Livepatch Service enables live automatic security fixes to the kernel without rebooting. This service reduces unplanned downtime while maintaining compliance and security.

  • 10 years of support

    A new LTS (Long Term Support) version of Ubuntu is released every two years, for desktop and server. Both versions receive updates and are supported for ten years.

  • Expanded security

    Canonical offers Expanded Security Maintenance (ESM) for infrastructure and applications to provide kernel livepatches and vulnerability fixes through a secure and private archive.

  • FIPS

    Ubuntu provides you with FIPS 140 certified cryptographic packages enabling Linux workloads to run on U.S. government regulated and high security environments.

  • Designed to be secure

    Linux is based on Unix. It inherits Discretionary Access Control and includes Mandatory Access Control via AppArmor.

  • Protected VMs

  • Secure snap packages

    Software packages delivered as strict-mode snaps are fully confined using AppArmor, device cgroups, and seccomp.

Learn how ITstrategen keeps their applications secure with Ubuntu

The security of customer data is of the utmost importance to ITstrategen, which is why Ubuntu is their server operating system of choice.

Read the case study

Ubuntu is trusted by

Find out why the UK Government puts Ubuntu in first place for security

CESG, the security arm of the UK government rated Ubuntu as the most secure operating system of the 11 they tested.

Read the UK Gov Report Summarycase study

Helping you manage security

Every Long Term Support (LTS) release of Ubuntu comes with five years of free security and maintenance updates for the main OS. Canonical also offers a number of additional products and services to help manage the security of your Ubuntu systems.

Reduce downtime and unplanned work

The Ubuntu Livepatch service eliminates the need for unplanned maintenance windows for high and critical severity kernel vulnerabilities by patching the Linux kernel while the system runs. Reduce fire drills while keeping uninterrupted service with Ubuntu Livepatch service for up to ten years.

Learn more about the Livepatch Service ›

Be compliant and FIPS certified

Developing and running workloads for high security and government regulated environments requires a long and expensive validation process. Reduce your accreditation timeline and pass on your validation costs with the FIPS 140 and Common Criteria certifications available with Ubuntu Advantage and Pro.

Learn more about Ubuntu certifications ›

Manage security updates with Landscape

Landscape is the leading management tool to deploy, monitor and manage your Ubuntu servers and desktops. Landscape gives the ability to centrally view and manage the security updates that have been applied to their systems and, critically, the security updates which have not yet been applied.

Get Landscape

Expand your Ubuntu security maintenance

Canonical offers Expanded Security Maintenance (ESM), to Ubuntu Pro customers to provide important security fixes for the kernel and essential user space packages, toolchains, and applications. These updates are delivered via a secure, private archive exclusively available to Canonical customers.

Watch our security compliance webinar now ›

Ubuntu Pro

All of our security products are available for a one off fee.

Ubuntu Pro is the professional package of tools, technology and expertise from Canonical, helping organisations around the world get the most out of their Ubuntu deployments. It includes access to:

  • Livepatch: automatic kernel security hotfixes without rebooting
  • FIPS: certified cryptographic modules available for compliance requirements
  • Landscape: the systems management tool for using Ubuntu at scale
  • Expanded Security Maintenance: critical, high and selected medium security updates
  • Knowledge Base: a private archive of expert-written articles and tutorials
  • Optional support: phone and web-based support at multiple service levels

Purchase Ubuntu Pro

Contact us about Ubuntu Pro ›

Talk to a member of our team

We can recommend a security solution that best suits the needs of your organisation.

Ubuntu security disclosure policy

Canonical and the Ubuntu Security Team participate in responsible disclosure and collaborate with the wider community on security issues. For more information on how to contact the Ubuntu Security Team and expectations, please refer to our Ubuntu Security disclosure and embargo policy.