Enable FedRAMP compliance with Ubuntu Pro
Achieve FedRAMP Authority to Operate and bring your cloud service offerings to the US Federal Government marketplace with the help of Ubuntu Pro. Meet the most demanding security baseline controls within your technology stack.
Why choose Canonical
for your FedRAMP journey
Security patching made easy
FIPS-certified crypto modules
System hardening
Trusted by professionals
Ubuntu Pro enables our engineering teams to focus on delivering industry-leading products and services to Acquia customers. Canonical's transparency and patching expedience give me peace of mind that we are providing the most secure and compelling solutions to power innovative digital experiences.
Robert Former
Chief Information Security Officer, Acquia
FIPS 140 certified Ubuntu Images on AWS fulfil our FedRAMP compliance requirements. With enterprise-grade Ubuntu Pro support backed by Canonical's 10-year security maintenance commitment, we provide critical infrastructure for some of the world's most famous brands.
Patrick Kaeding
Security Engineer, LaunchDarkly
Download our guide:
Maximising security and compliance in the US public sector ›
What is FedRAMP and who needs it?
The Federal Risk and Authorization Management Program (FedRAMP) is a US federal government-wide security and compliance program for cloud service providers. In order for federal agencies to use cloud services, the provider must be FedRAMP authorised. The security controls within FedRAMP are based on the NIST SP 800-53 standard.
What Canonical can provide
Patching security vulnerabilities
Canonical provides 10 years of security patching for software applications and infrastructure components within the Ubuntu ecosystem. FedRAMP requires you to fix high-risk vulnerabilities within 30 days. Since starting out 20 years ago, Canonical has released patches for critical vulnerabilities within 24 hours.
FIPS-certified crypto modules
Ubuntu Pro provides FIPS 140 certified cryptographic modules that are a direct drop-in replacement for the standard cryptography libraries which ship with Ubuntu by default. These libraries make it easy for you to deploy applications that use cryptographic algorithms and protocols in accordance with the FIPS 140 standard.
System hardening
The Ubuntu Security Guide allows you to harden critical systems, locking them down to approved industry standards including the CIS benchmarks and DISA STIG. This functionality enables automated auditing and remediation for the hundreds of rules specified within the hardening benchmarks.
Take the next step towards FedRAMP compliance
- Watch the webinar on FedRAMP, FISMA, FIPS, and DISA-STIG
- Learn about all our security certifications
- Explore pricing and find the right subscription for your needs
Canonical is a software distributor rather than a service provider, and as such we are not FedRAMP certified ourselves, but we provide Ubuntu Pro that enables our customers to meet these specific technology requirements within the baseline controls.