Security archives
71 posts
Enable FIPS on Google Cloud
By Hugo Huang, 9 March 2022
Ubuntu Pro FIPS images are now available in Google Cloud. Find out more about why you need a FIPS-compliant environment and how you can be FIPS compliant in...
Monitor Ubuntu Advantage FIPS configurations
By Rajan Patel, 21 February 2022
There are multiple ways to enable, manage, and monitor FIPS on Ubuntu. You can use the UA Client to enable FIPS, and configure Landscape to audit FIPS...
Building and running FIPS containers on Ubuntu 18.04
By Massimiliano Gori, 21 February 2022
Build and run Ubuntu containers that comply with the US and Canada government FIPS140-2 data protection standard.
CIS benchmark compliance: Introducing the Ubuntu Security Guide
By Nikos Mavrogiannopoulos, 18 January 2022
The CIS benchmark has hundreds of configuration recommendations, so hardening and auditing a Linux system manually can be very tedious. Every administrator of...
Log4Shell: Log4j remote code execution vulnerability
By Canonical, 16 December 2021
Last updated on 18th January 2022 to include the latest vulnerability updates. A high impact vulnerability was discovered in Apache Log4j 2, a widely deployed...
Data Pipelines Overview
By Hugo Huang, 14 December 2021
A Data Pipeline is a series of processes that collects raw data from various sources, filters the disqualified data, transforms them into the appropriate...
History of Open Source Identity Management (part 2)
By Massimiliano Gori, 22 November 2021
This is the second blog post (part 1 available here) where we look at the history of open source identity management. This post focuses on Oauth and OpenID,...
FIPS on Google Cloud
By Hugo Huang, 22 November 2021
In August 2016, the United States government announced a new federal source-code policy, which mandates that at least 20% of custom source code developed by...
CIS-Harden your Ubuntu in Google Cloud
By Hugo Huang, 9 November 2021
CIS Benchmarks are best practices for the secure configuration of a target system. The Center for Internet Security, Inc. (CISĀ®) is the authority backing CIS...
History of Open Source Identity Management (part 1)
By Massimiliano Gori, 8 November 2021
First post on the history of the main Open Source Identity Management protocols and technologies. This post covers the origins, LDAP and Kerberos
Managing Livepatch on-prem
By Nikos Mavrogiannopoulos, 13 September 2021
Ubuntu Livepatch is the service and the software that enables organizations to quickly patch vulnerabilities on the Linux kernel. It enables uninterrupted...
How to develop Linux applications for FIPS on Ubuntu
By Nikos Mavrogiannopoulos, 6 September 2021
This is the second article in our series regarding FIPS 140 and Ubuntu. The first part of this series, this article, covers running FIPS 140 applications on...