Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Sarah Dickinson
on 26 April 2019


Cyber attacks are becoming more sophisticated, attack frequency is on the rise, and the cost of cybercrime damage is projected to reach $6 trillion annually by 2021. Traditional defensive measures such as firewalls and intrusion detection systems that operate at the network perimeter are no longer enough to protect today’s distributed enterprise networks. Rather, a ‘defence in depth’ approach is required in order to protect all facets of an organisation’s digital infrastructure.

In an ideal world, applications would be free from security vulnerabilities but, once compromised, even a trusted application can become untrustworthy. AppArmor provides a crucial layer of security around applications. By providing the capability to whitelist an application’s permissible actions, AppArmor enables administrators to apply the principle of least privilege to applications. Once in place, AppArmor can halt attacks and minimise or prevent damage in the event of a breach.

This whitepaper provides a technical introduction to AppArmor, including:

  • Why a ‘defence in depth’ strategy should be employed to mitigate the potential damage caused by a breach
  • An explanation of AppArmor, its key features and why the principle of least privilege is recommended
  • The use of AppArmor in Ubuntu and snaps

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts


Canonical
4 December 2024

Canonical announces Ubuntu Security Research Alliance Program 

Canonical announcements Article

Today, Canonical, the publisher of Ubuntu, announced its new Ubuntu Security Research Alliance Program, a free partnership between Canonical and open source vulnerability scanning organizations. The goal is to ensure vulnerability data is more transparent and standardized, while improving on-platform security for Ubuntu users through more ...


eslerm
19 November 2024

Needrestart local privilege escalation vulnerability fixes available

Ubuntu Article

Qualys discovered vulnerabilities which allow a local attacker to gain root privileges in the needrestart package (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, and CVE-2024-11003) and a related issue in libmodule-scandeps-perl (CVE-2024-10224). The vulnerabilities affect Debian, Ubuntu and other Linux distributions. Canonical’s securit ...


Luci Stanescu
28 October 2024

Imagining the future of Cybersecurity

Ubuntu Security

October 2024 marks the 20th anniversary of Ubuntu. The cybersecurity landscape has significantly shifted since 2004. If you have been following the Ubuntu Security Team’s special three-part series podcast that we put out to mark Cybersecurity Awareness Month, you will have listened to us talk about significant moments that have shaped the ...