Enable FIPS compliance with Ubuntu Pro

Get easy access to FIPS 140-2 and FIPS 140-3 certified modules, required by U.S. federal standards. Run Ubuntu workloads in high-security environments on-prem, in the cloud, and at the edge. Enjoy 1-step access with an Ubuntu Pro subscription.

Contact us Access a 30-day free trial ›
Bridging DevSecOps and compliance | Snyk's FedRAMP success with Canonical on AWS

The benefits of FIPS for Ubuntu

Disruption-free crypto compliance

Deploy certified modules with one Ubuntu Pro command to enable FIPS mode for the whole system. Existing workloads can operate seamlessly in FIPS mode, as we provide FIPS compliance for your OS and any dependent applications on top.

Automated security patching included

Keeping up to date with the latest security patches is vital, especially in high-security environments. With the Ubuntu Pro subscription, you get up to 12 years of security maintenance for your Ubuntu systems. You can also automate patching at scale with Landscape, a fleet management tool included in Ubuntu Pro.

Enabling other compliance requirements

FIPS is often a prerequisite for wider compliance requirements including CMMC, FedRAMP, DISA STIG and others. With Ubuntu Pro, we enable the pieces you need to build a fully compliant environment. You get access to asset management and system hardening tools that enable easy audit and compliance automation for your entire fleet.

Security compliance in action

Lucid Software

Ubuntu Pro helps Lucid Software meet FedRAMP compliance for government contracts

By deploying Ubuntu Pro, Lucid acquired AWS-compatible and FIPS 140-2 certified packages and became FedRAMP compliant.

Read the case study ›
LaunchDarkly

LaunchDarkly becomes the first FedRAMP-authorized feature management platform thanks to Ubuntu Pro

Learn how a SaaS provider achieved effortless FIPS compliance on AWS.

Read the case study ›
New Mexico State University

How New Mexico State University accelerates compliant federal research with Ubuntu

When the stakes are high and national security is on the line, every decision matters. Just ask the team at New Mexico State University’s Physical Science Laboratory (PSL).

Read the case study ›

FIPS compliance everywhere

On-prem

Ubuntu Pro enables compliance on Ubuntu desktops and servers in private clouds, virtual machines, and air-gapped environments.

In the cloud

Get FIPS pre-enabled Ubuntu Pro images in the public cloud

On the edge

Enable FIPS compliance on your edge devices with Ubuntu Core, our immutable Ubuntu OS designed for IoT and edge deployments. Access FIPS with Ubuntu Pro for Devices.

What you need to know
about FIPS 140-3

FIPS 140-3 came into effect in 2020 and supersedes 140-2, which will be sunsetted in September 2026. From Ubuntu 22.04 onwards, we will enable compliance for FIPS 140-3. However, for previous Ubuntu LTS versions, certified for 140-2, it is acceptable to continue using them in existing installations. At Canonical, we are committed to continuing the security maintenance for those LTS versions for the lifetime of their support, with additional years offered with Ubuntu Pro. For more details, explore the release cycle details here.

FIPS packages
and security updates

The NIST certification process can take months or even years, but new security vulnerabilities are constantly being discovered. The FIPS modules which NIST certifies are frozen in time from the point that they were submitted for assessment, and may contain unpatched vulnerabilities. In order to address this shortcoming, Canonical continuously patches the FIPS modules along with the rest of Ubuntu distribution, as security is more important than strict compliance. Whilst these FIPS modules are no longer the exact binary files that were submitted for validation, we ensure that the FIPS functionality is unchanged. This approach to security vs compliance is supported by FedRAMP v5.

Resources

A CISO’s guide to Application Security best practices 

A CISO’s guide to Application Security best practices 

Effective AppSec is not a one-time fix but a continuous journey across every facet of your application’s lifecycle. By embracing a Secure Software Development Lifecycle (SSDLC) from the...

Beyond ‘whack-a-mole’ and insecticide

Beyond ‘whack-a-mole’ and insecticide

Designing a new, robust, sustainable, and truly holistic approach to cybersecurity Talk to any cybersecurity expert or IT security manager, and they’ll tell you they’re sick of alerts and...

Ubuntu Pro Minimal 22.04 LTS with CIS hardening is now generally available on AWS

Ubuntu Pro Minimal 22.04 LTS with CIS hardening is now generally available on AWS

August 28, 2025 – We are excited to announce the general availability of Ubuntu Pro Minimal 22.04 LTS with CIS hardening, a new variant of Ubuntu designed for organizations that require...

54% of European enterprises want long term open source support: how Ubuntu Pro + Support delivers

54% of European enterprises want long term open source support: how Ubuntu Pro + Support delivers

Europe’s open source ecosystem is at a turning point. The Linux Foundation’s Open Source as Europe’s Strategic Advantage: Trends, Barriers, and Priorities for the European Open Source...

A guide to Infrastructure Hardening

Ubuntu compliance guide for US public sector

Understand IoT security and IoT compliance across global markets

A guide to open source vulnerability management

Take the next step towards FIPS compliance

Learn about all our security certifications

Explore pricing and find the right subscription for your needs

Read the documentation about FIPS for Ubuntu

Ubuntu Pro provides an easy pathway to FIPS compliance. It delivers CVE patching for Ubuntu OS and Applications covering 36,000 packages, along with automated, unattended, and restartless updates, and the best tools to secure and manage your Ubuntu infrastructure, developed by the publisher of Ubuntu.

Contact us Access a free trial ›