Nikos Mavrogiannopoulos is a product manager at Canonical focused on security and compliance. He has a background in mathematics and holds a Ph.D. in cryptography. He has spent two decades in various roles in security software design and engineering for operating systems, leading and forming expert teams.
18 January 2022
The CIS benchmark has hundreds of configuration recommendations, so hardening and auditing a Linux system manually can be very tedious. Every administrator of systems that need to comply with that benchmark would wish that this process is easily usable and automatable. Why is that? Manual configuration of such a large number of rules lead ...
16 December 2021
Not all data is destined to be public. Moving workloads that handle secret or private data from an on-premise setup to a public cloud introduces a new attack surface with different risks. As the public cloud environment shares its hardware infrastructure, a flaw in the clouds’ isolation mechanisms can be detrimental to the protection of ...
23 November 2021
Ubuntu is the platform of choice for deploying and running workloads on public clouds. No other operating system gives you better performance and consistency of experience across public clouds, including Amazon, Azure, Google, IBM and Oracle. There is a reason behind this exceptional experience. By design, Ubuntu images in public clouds i ...
13 September 2021
Ubuntu Livepatch is the service and the software that enables organizations to quickly patch vulnerabilities on the Linux kernel. It enables uninterrupted service while reducing fire drills during high and critical severity kernel vulnerabilities. With Ubuntu Livepatch on-prem we enhance our service to enable enterprises manage on private ...
6 September 2021
This is the second article in our series regarding FIPS 140 and Ubuntu. The first part of this series, this article, covers running FIPS 140 applications on Ubuntu while this part is focused on the development of FIPS 140 applications on Ubuntu. What is FIPS and why should a developer care? Developing applications for regulated ...
1 September 2021
The cybersecurity state of affairs can be described as too complex today. There is an enormous number of threats endangering sensitive data for the average IT team to cope with. Threats ranging from exposure of physical assets stored in an office, to “social engineering” attacks resulting in unauthorized access, or even threats that explo ...
26 July 2021
This is the first article in a two-article series regarding FIPS 140 and Ubuntu. The first part of this series, this article, covers running FIPS 140 applications on Ubuntu while the second part, is covering the development of FIPS applications on Ubuntu. What is FIPS and why do I need it? Even though cryptography is ...
9 July 2021
Ubuntu Livepatch is the service and the software that enables organizations to quickly patch vulnerabilities on the Ubuntu Linux kernels. Livepatch provides uninterrupted service while reducing fire drills during high and critical severity kernel vulnerabilities. It is a complex technology and the details can be confusing, so in this post ...
14 April 2021
The Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense. They are configuration guidelines for hardening systems to improve security. They contain technical guidance which when implemented, locks down software and systems to mitigate malicious att ...
30 March 2021
Two years ago, we launched the Extended Security Maintenance (ESM) phase of Ubuntu 14.04, providing access to CVE patches through an Ubuntu Advantage for Infrastructure free or paid subscription. This phase extended the lifecycle of Ubuntu 14.04 LTS, released in April 2014, to a total of ten years, ending in April 2024. During the ESM ...