DISA-STIG on Ubuntu

Comply with the DISA Security
Technical Implementation Guide

Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu Pro on public cloud and Ubuntu Pro (Infra) have the necessary certifications and controls to comply with DISA-STIG guidelines on Linux.

Contact us Get Ubuntu Pro (Infra) ›

How does Ubuntu enable your compliance with FIPS,
and DISA-STIG?

Learn about the US government security standards and the common challenges faced by organizations in their implementation. See how the Ubuntu Security Guide can transform systems compliance in a few minutes. Get to know how Ubuntu is a secure platform for government agencies and complying organizations to build, operate and innovate with open source applications and technologies.

Contact us Watch the webinar ›

What is DISA-STIG?

The Defense Information System Agency (DISA) is a US Department of Defense combat support agency. It provides and operates information infrastructure to support military operations and national-level leadership. The Security Technical Implementation Guide (STIG) is a configuration standard consisting of guidelines for hardening systems to improve a system's security posture. It can be seen as a checklist for securing protocols, services, or servers to improve the overall security by reducing the attack surface.

DISA-STIG for Ubuntu

Together with Canonical, DISA has developed STIGs for Ubuntu. The U.S. DoD provides the STIG checklist, which can be viewed using STIG viewer, and SCAP content for auditing. The versions of Ubuntu that have STIGs available by DISA are marked on the table below.

Read more about Ubuntu tooling and automation ›

DISA Security Technical Implementation Guides (STIGs) and Supplemental Automation Content for Ubuntu

  • Ubuntu 16.04 LTS
    Configuration guide
  • Ubuntu 18.04 LTS
    Configuration guide
  • Ubuntu 20.04 LTS
    Tooling and automation
  • Ubuntu 22.04 LTS
    Tooling and automation

How to audit and comply
with DISA-STIG?

  1. Auditing

    Using the Ubuntu Security Guide for auditing is as simple as:

    sudo usg audit disa_stig

    and get the report in machine readable or browser friendly format.

  2. Compliance

    Using the Ubuntu Security Guide for applying the necessary rules for compliance is as simple as:

    sudo usg fix disa_stig
    Read more about Ubuntu Security Guide ›

Canonical is offering
Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Resources

Join the discussion

Further reading