Ubuntu Pro: Comprehensive subscription for open-source software security

Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available. Ubuntu Pro helps teams get timely CVE patches, harden their systems at scale and remain compliant with regimes such as FedRAMP, HIPAA and PCI-DSS.

The subscription expands Canonical’s ten-year security coverage and optional technical support to an additional 23,000 packages beyond the main operating system. It is ideal for organisations who are looking to improve their security posture, not just for the Main repository of Ubuntu, but for thousands of open-source packages and toolchains.

Timely patching

Canonical has an 18-year track record of timely security updates for the main Ubuntu OS, with critical CVEs patched in less than 24 hours on average. Ubuntu Pro’s coverage spans critical, high and selected medium CVEs for thousands of applications and toolchains, including Ansible, Apache Tomcat, Apache Zookeeper, Docker, Nagios, Node.js, phpMyAdmin, Puppet, PowerDNS, Python, Redis, Rust, WordPress, and more.

Ubuntu Pro is available for every Ubuntu LTS from 16.04 LTS . It is already in production for large-scale customers offering global services. The beta release was welcomed by the likes of NVIDIA, Google, Acquia, VMWare and LaunchDarkly. Since the beta announcement in October 2022, tens of thousands of Ubuntu users have signed up for the service.

“I manage my own compute cluster leveraging MAAS and other Canonical tools to support my research. The Open source security patches delivered through Ubuntu Pro gives my team peace of mind, and ensures my servers are secure. Canonical is continuously delivering timely CVE patches covering a broad portfolio of open source applications for the entire ten-year lifetime of an Ubuntu LTS. This brings much needed stability and compliance”, said David A Gutman, MD PhD, Associate Professor of Pathology, Emory University School of Medicine.

A single subscription for security and compliance

Besides providing timely security patches, Ubuntu Pro includes tools for compliance management in regulated and audited environments. Ubuntu Security Guide (USG) enables best-in-class hardening and compliance standards such as CIS benchmark and DISA-STIG profiles.

Ubuntu Pro users can access FIPS-certified cryptographic packages necessary for all Federal Government agencies and organizations operating under compliance regimes like FedRAMP, HIPAA, and PCI-DSS.

System management and automated patching at scale is facilitated through Landscape. Ubuntu Pro also includes Livepatch, which patches critical and high-severity kernel vulnerabilities at runtime to minimize the need for an unplanned reboot of your Ubuntu estate.

Subscription types and pricing

The standard Ubuntu Pro subscription covers the full set of security updates for all packages in Ubuntu Main and Universe repositories – this is the most suitable choice. Ubuntu Pro costs $25 per year for a workstation or $500 per year for a server and is available directly with a 30-day free trial.

Ubuntu Pro is available through public cloud marketplaces – AWS, Azure and Google Cloud. It is offered per hour, billed directly by the cloud, and priced at approximately 3.5% of the average underlying compute cost.

An Ubuntu Pro subscription covers the base OS and the private cloud components needed for large-scale bare-metal deployments, but excludes the new broader application coverage. It is useful for organizations building private clouds that use other guest operating systems for applications.

A free tier is available for personal and small-scale commercial use in up to 5 machines. Official Ubuntu community members can benefit from Ubuntu Pro in up to 50 machines. In order to get the token, login with your existing Ubuntu One account or create a free account.