Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

An error occurred while submitting your form. Please try again or file a bug report. Close

Blog posts tagged
"Security"

Giulia Lanzafame
10 June 2025

Apache Spark security: start with a solid foundation

Data Platform Article

Everyone agrees security matters – yet when it comes to big data analytics with Apache Spark, it’s not just another checkbox. Spark’s open source Java architecture introduces special security concerns that, if neglected, can quietly reveal sensitive information and interrupt vital functions. Unlike standard software, Spark design permits ...

Rawand Benour
5 June 2025

What if your container images were security-maintained at the source?

Ubuntu Article

Software supply chain security has become a top concern for developers, DevOps engineers, and IT leaders. High-profile breaches and dependency compromises have shown that open source components can introduce risk if not properly vetted and maintained. Although containerization has become commonplace in contemporary development and deploym ...

Octavio Galland
30 May 2025

Apport local information disclosure vulnerability fixes available

Ubuntu Article

Qualys discovered two vulnerabilities in various Linux distributions which allow a local attacker with permission to create user namespaces to leak core dumps for processes of suid executables. These affect both apport, the Ubuntu default core dump handler (CVE-2025-5054), and systemd-coredump, the default core dump handler in Red Hat Ent ...

Benjamin Ryzman
9 April 2025

SONiC: The open source network operating system for modern data centers

Networking Networking

Software for Open Networking in the Cloud (SONiC) is an open-source network operating system that has revolutionized data center networking. Originating as a Microsoft-led initiative in the Open Compute Project (OCP) in 2016, SONiC has rapidly gained traction among hyperscalers and switch hardware vendors, including Broadcom, Cisco, and N ...

Stephanie Domas
24 March 2025

What is Application Security (AppSec)?

Hardening Article

Application security (or AppSec, for short) is a broad term that refers to all of the tools, actions, and processes that an organization uses to protect its applications against vulnerabilities across the entirety of its life cycle. Application security has one objective: to find weaknesses in your applications and systems that could be a ...

Henry Coggill
14 March 2025

What is System Hardening? Essential Checklists from OS to Applications

CIS Benchmarks Article

Hardening a system aims to decrease its exposure to make it difficult to hack, and to lessen the potential collateral damage in the event of a compromise. ...

Luci Stanescu
28 February 2025

How to conduct a vulnerability assessment

Security Article

The realm of information security is fraught with jargon, as anyone who has come across vulnerability-related terms can tell you. To complicate matters further, some of these terms are used interchangeably or in contexts outside of computing. This can muddy the waters for people looking to learn about vulnerability assessments – so in thi ...

Canonical
6 February 2025

Canonical achieves ISO/SAE 21434 certification, strengthening automotive cybersecurity standards

Automotive Article

Certified cybersecurity processes to help safeguard next-generation connected vehicles Canonical is proud to announce it has achieved the ISO/SAE 21434 certification for its Security Management System, following an extensive assessment by TÜV SÜD, a globally respected certification provider. This milestone highlights Canonical’s leadershi ...

João Hellmeister
20 January 2025

A comprehensive guide to NIS2 Compliance: Part 3 – Setting the roadmap and demonstrating NIS2 compliance.

Ubuntu Article

In this third and final part of the series, I’ll provide some tips on how to set up your roadmap and effectively demonstrate compliance without overburdening your teams.  If you’re just joining the fun now, in our two previous editions we covered who NIS2 applies to and what requirements it sets out. Be sure to ...

João Hellmeister
15 January 2025

A comprehensive guide to NIS2 Compliance: Part 1 – Understanding NIS2 and its scope

Ubuntu Article

The EU NIS2 directive, which calls for strengthening cybersecurity across the European Union, is now active in all member states. Join me for this 3-part blog post series  in which I’ll explain what it is, help you understand if it is applicable to your company and how you can become NIS2 compliant. In this first ...

eslerm
14 January 2025

Rsync remote code execution and related vulnerability fixes available

Hardening Article

Canonical’s security team has released updates of the rsync packages for all supported Ubuntu releases. The updates remediate CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, and CVE-2024-12747. ...

  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page