{% extends "security/base_security.html" %} {% block title %}Ubuntu DISA-STIG compliance | Security{% endblock %} {% block meta_description %}Technical details on the Ubuntu DISA-STIG guide for Linux.{% endblock %} {% block meta_copydoc %} https://docs.google.com/document/d/1zJwZzc-cERj9YKNXFtmrXwynJptyT7-D3qCNzBctRfo/edit# {% endblock meta_copydoc %} {% block content %}

DISA-STIG on Ubuntu

Comply with the DISA Security Technical Implementation Guide

Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu Pro on public cloud and Ubuntu Pro (Infra) have the necessary certifications and controls to comply with DISA-STIG guidelines on Linux.

Contact us Get Ubuntu Pro (Infra)
{{ image ( url="https://assets.ubuntu.com/v1/ef01809f-DISA-logo-transparent.png", alt="DISA-STIG logo", width="720", height="264", hi_def=True, loading="auto" ) | safe }}

How does Ubuntu enable your compliance with FIPS, and DISA-STIG?

Learn about the US government security standards and the common challenges faced by organisations in their implementation. See how the Ubuntu Security Guide can transform systems compliance in a few minutes. Get to know how Ubuntu is a secure platform for government agencies and complying organisations to build, operate and innovate with open source applications and technologies.

Contact us

What is DISA-STIG?

The Defense Information System Agency (DISA) is a US Department of Defense combat support agency. It provides and operates information infrastructure to support military operations and national-level leadership. The Security Technical Implementation Guide (STIG) is a configuration standard consisting of guidelines for hardening systems to improve a system’s security posture. It can be seen as a checklist for securing protocols, services, or servers to improve the overall security by reducing the attack surface.

DISA-STIG for Ubuntu

Together with Canonical, DISA has developed STIGs for Ubuntu. The U.S. DoD provides the STIG checklist, which can be viewed using STIG viewer, and SCAP content for auditing. The versions of Ubuntu that have STIGs available by DISA are marked on the table below.

Ubuntu 16.04 LTS Ubuntu 18.04 LTS Ubuntu 20.04 LTS
{{ image ( url="https://assets.ubuntu.com/v1/ef01809f-DISA-logo-transparent.png", alt="DISA logo", width="136", height="50", hi_def=True, attrs={"style": "vertical-align: middle;"}, loading="lazy" ) | safe }} Defense Information System Agency Security Technical Implementation Guides (STIGs) and Supplemental Automation Content for Ubuntu {{ image(url="https://assets.ubuntu.com/v1/2ccda8d7-tick-orange.svg", alt="Yes: Configuration guide", width="14", height="14", hi_def=True, loading="lazy",) | safe }} {{ image(url="https://assets.ubuntu.com/v1/2ccda8d7-tick-orange.svg", alt="Yes: Configuration guide", width="14", height="14", hi_def=True, loading="lazy",) | safe }} Yes: Tooling and automation
Read more about Ubuntu tooling and automation

How to audit and comply with DISA-STIG?

  1. Auditing

    Using the Ubuntu Security Guide auditing is as simple as:

    sudo usg audit disa_stig

    and get the report in machine readable or browser friendly format.

  2. Compliance

    Using the Ubuntu Security Guide applying the necessary rules for compliance is as simple as:

    sudo usg fix disa_stig

Read more about Ubuntu Security Guide

{% with first_item="_security_discussion", second_item="_security_esm", third_item="_security_further_reading" %} {% include "shared/contextual_footers/_contextual_footer.html" %} {% endwith %}
{% endblock content %}