Blog
Henry Coggill

Henry Coggill

12 posts

Henry is a security expert with 20 years of experience in the industry. He has reverse-engineered malware, pen-tested networks and applications, researched vulnerabilities, coded network devices, designed cryptographic modules and set corporate policies. At Canonical, Henry is Product Manager for security certifications and hardening, and is an ISC2 Certified Information Systems Security Professional.

Henry Coggill
20 March 2025

Hardening automation for CIS benchmarks now available for Ubuntu 24.04 LTS

Hardening Article

We’re pleased to release Ubuntu Security Guide profiles for CIS benchmarks. ...

Henry Coggill
14 March 2025

What is System Hardening? Essential Checklists from OS to Applications

CIS Benchmarks Article

Hardening a system aims to decrease its exposure to make it difficult to hack, and to lessen the potential collateral damage in the event of a compromise. ...

Henry Coggill
5 February 2025

FIPS 140-3 certified modules now available for Ubuntu 22.04 LTS

FIPS Article

New deployments should take advantage of the new FIPS 140-3 certified modules available with Ubuntu 22.04 LTS. ...

Henry Coggill
4 February 2025

The role of FIPS 140-3 in the latest FedRAMP guidance

FIPS Article

Good news in the US federal compliance space. The latest FedRAMP policy relaxes past restrictions that prevented organizations from applying critical security updates. ...

Henry Coggill
2 August 2024

How Canonical enables PCI-DSS compliance

Security Article

Anyone who deals with online payments will have heard of PCI-DSS. The Payment Card Industry Data Security Standard is a comprehensive security control framework that is designed to keep payment card data safe from hackers and misuse. Merchants who accept debit or credit card payments (and service providers who process this information) wi ...

Henry Coggill
24 June 2024

Meet DISA-STIG compliance requirements for Ubuntu 22.04 LTS with USG

DISA STIG Article

DISA, the Defense Information Systems Agency, recently published their Security Technical Implementation Guide (STIG) for Ubuntu 22.04 LTS in April 2024. We’re pleased to now release the Ubuntu Security Guide profile to enable customers to automatically harden and audit their Ubuntu 22.04 LTS systems for the STIG. What is a STIG? A STIG i ...

Henry Coggill
12 June 2024

NIST CMVP Interim Validation & Jammy FIPS

FIPS Article

If you need FIPS-validated cryptographic modules for your deployments, you may be aware that these have been turbulent times in the FIPS world. We have seen the introduction of the new FIPS 140-3 standard, with the older 140-2 being phased out (all existing certificates will expire by September 2026 at the latest). The industry has ...

Henry Coggill
18 April 2024

DISA publishes STIG for Ubuntu 22.04 LTS

DISA STIG Article

Introduction DISA, the Defense Information Systems Agency, has published their Security Technical Implementation Guide (STIG) for Ubuntu 22.04 LTS. The STIG is free for the public to download from the DOD Cyber Exchange. Canonical has been working with DISA since we published Ubuntu 22.04 LTS to draft this STIG, and we are delighted that ...

Henry Coggill
7 December 2023

Ubuntu 22.04 FIPS 140-3 modules available for preview

FIPS Article

Canonical has been working with our testing lab partner, atsec information security, to prepare the cryptographic modules in Ubuntu 22.04 LTS (Jammy Jellyfish) for certification with NIST under the new FIPS 140-3 standard. The modules passed all of atsec’s algorithm validation tests and are in the queue awaiting NIST’s approval. We can’t ...

Henry Coggill
3 November 2023

Meet Cyber Essentials requirements with Ubuntu Pro

Hardening Article

Cyber Essentials is an increasingly important security standard within the UK that allows organisations to demonstrate to their customers that they operate their business in a secure and trustworthy manner. Achieving the Cyber Essentials certification helps businesses win new customers and stand out amongst their peers. It is a requireme ...

Henry Coggill
29 June 2023

Managing security vulnerabilities and compliance for U.S. Government with Ubuntu Pro

Hardening Article

Maintaining a compliant IT ecosystem is a major undertaking, as each regulation brings a host of specialized requirements. And dealing with the never-ending stream of security vulnerabilities that require patching only adds to this task. ...

Henry Coggill
8 February 2023

Is open-source as secure as proprietary software?

Hardening Article

Are the security issues we are seeing related to the use of open-source software? Does proprietary software have any more inherent safety or security benefits? In this article we will explore these issues and give you some more insights into the nature of these software development paradigms. ...

Quick links

Quick links

Quick links

Quick links

Quick links

Quick links

Quick links

Quick links

Quick links

Categories

Industries

Case studies ›

Partner programs

Quick links

Roles by department

Working here

Explore Canonical

Latest updates

Company highlights ›

Henry Coggill

Hardening automation for CIS benchmarks now available for Ubuntu 24.04 LTS

What is System Hardening? Essential Checklists from OS to Applications

FIPS 140-3 certified modules now available for Ubuntu 22.04 LTS

The role of FIPS 140-3 in the latest FedRAMP guidance

How Canonical enables PCI-DSS compliance

Meet DISA-STIG compliance requirements for Ubuntu 22.04 LTS with USG

NIST CMVP Interim Validation & Jammy FIPS

DISA publishes STIG for Ubuntu 22.04 LTS

Ubuntu 22.04 FIPS 140-3 modules available for preview

Meet Cyber Essentials requirements with Ubuntu Pro

Managing security vulnerabilities and compliance for U.S. Government with Ubuntu Pro

Is open-source as secure as proprietary software?