Commit

Merge pull request #14655 from mtruj013/compliance-copy
copy update: /security/compliance-automation
mtruj013 authored Jan 21, 2025
2 parents 5ba2f9b + f1e5488 commit e58304c
Showing 2 changed files with 31 additions and 36 deletions.
61 changes: 28 additions & 33 deletions templates/security/compliance-automation.html
Expand Up @@ -18,7 +18,7 @@
<h1>Compliance automation</h1>
<h2 class="p-heading--3">Run regulated and high security workloads on Ubuntu</h2>
<p>
<a href="/pro">Ubuntu Pro</a> has been designed to simplify your security compliance burden for frameworks such as NIST, FedRAMP, PCI-DSS, ISO27001 or CIS. Pro includes security vulnerability patching for up to 12 years, FIPS-validated cryptographic modules, and automated system hardening for CIS and DISA STIG, and can be deployed on-premise or in the <a href="/public-cloud">public cloud</a>.
<a href="/pro">Ubuntu Pro</a> has been designed to simplify your security compliance burden for frameworks such as NIST, FedRAMP, PCI-DSS, ISO27001, or CIS. Pro includes security vulnerability patching for up to 12 years, FIPS-validated cryptographic modules, and automated system hardening for CIS and DISA STIG, and can be deployed on-premise or in the <a href="/public-cloud">public cloud</a>.
</p>
<p>
<a class="p-button--positive js-invoke-modal"
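Review bot: The new paragraph line still writes "ISO27001" without a space and keeps "on-premise" as the deployment term. If this pass is meant to settle the copy, use "ISO 27001" and "on-premises" here, and hyphenate "high security workloads" in the h2 above so it matches the "high-security environments" wording introduced later in this file.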
Expand Down Expand Up @@ -55,7 +55,8 @@ <h3>Automate hardening with the Ubuntu Security Guide</h3>
<p>
The default configuration of Ubuntu balances usability and security. However, systems carrying dedicated workloads can be further hardened to reduce their attack surface. Canonical provides the Ubuntu Security Guide to automatically harden systems to DISA STIG and CIS benchmarks profiles, and generate audit reports. Available with <a href="/pro">Ubuntu Pro on-premise</a> or ready-built on <a href="/public-cloud">public clouds</a>.
</p>
<a class="p-button" href="/security/compliance-automation#compliance-profiles">See our compliance profiles</a>
<a class="p-button"
href="/security/compliance-automation#compliance-profiles">See our compliance profiles</a>
</div>
<div class="col-4 p-divider__block">
<h3>Fix security vulnerabilities across the estate</h3>
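Review bot: The paragraph directly above the re-wrapped anchor still reads "DISA STIG and CIS benchmarks profiles", which should be "benchmark profiles". This hunk only changes attribute wrapping, so the copy error in the same block survives a commit described as a copy update; fix it in the same pass.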
Expand Down Expand Up @@ -110,7 +111,7 @@ <h2>Available on-prem and in the cloud</h2>
<div class="col-6">
<h2>How does Ubuntu enable your compliance with FIPS, and DISA-STIG?</h2>
<p>
The operating system is the cornerstone of a security compliance programme. Ubuntu Pro enables functionality such as FIPS-certified crypto libraries and system hardening with the Ubuntu Security Guide to help meet stringent government security standards. Watch this webinar to find out more.
The operating system is the cornerstone of a security compliance program. Ubuntu Pro enables functionality such as FIPS-certified crypto libraries and system hardening with the Ubuntu Security Guide to help meet stringent government security standards. Watch this webinar to find out more.
</p>
</div>
<div class="col-6 u-hide--medium u-hide--small u-align--center">
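Review bot: The rewritten sentence keeps "FIPS-certified crypto libraries" while the intro paragraph in the first hunk says "FIPS-validated cryptographic modules". Pick one term for the whole page; "validated" is the wording FIPS 140 uses for modules, so it is the safer choice for a compliance audience. The h2 above, "FIPS, and DISA-STIG?", also has a stray comma in a two-item list.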
Expand Down Expand Up @@ -146,7 +147,7 @@ <h2>How does Ubuntu enable your compliance with FIPS, and DISA-STIG?</h2>
<div class="col-6">
<h2>Maximizing security and compliance in the US public sector with Ubuntu Pro</h2>
<p>
Navigating the maze of complex compliance requirements facing the US Public Sector is a daunting prospect. Confusing abbreviations and terminology only make charting this course more difficult. If you’re looking to understand what FIPS, FedRAMP and DISA-STIG are all about, this whitepaper is for you.
Navigating the maze of complex compliance requirements facing the US Public Sector is a daunting prospect. Confusing abbreviations and terminology only make charting this course more difficult. If you’re looking to understand what FIPS, FedRAMP, and DISA-STIG are all about, this whitepaper is for you.
</p>
<a href="/engage/security-compliance-US-public-sector-FIPS-DISASTIG"
class="p-button--positive">Download the whitepaper</a>
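Review bot: The changed sentence capitalizes "US Public Sector" while the h2 two lines above it uses "US public sector". Lowercase it in the paragraph to match. The same line writes "DISA-STIG" with a hyphen, where the rest of the page uses "DISA STIG"; align these while the line is being edited.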
Expand Down Expand Up @@ -182,21 +183,19 @@ <h2>A guide to Infrastructure Hardening</h2>
<div class="u-fixed-width">
<h2>Ubuntu compliance &amp; hardening profiles</h2>
<p class="u-sv2">
The default configuration of Ubuntu LTS releases balances between usability, performance and security. Mission-critical systems can be further hardened to reduce their attack surface. Reducing the attack surface is a widely accepted security best practice, and is often required by cybersecurity frameworks. Canonical works with industry leading organisations, such as CIS and DISA, to produce security hardening benchmarks for Ubuntu.
The default configuration of Ubuntu LTS releases balances between usability, performance, and security. Mission-critical systems can be further hardened to reduce their attack surface. Reducing the attack surface is a widely accepted security best practice, and is often required by cybersecurity frameworks. Canonical works with industry leading organizations, such as CIS and DISA, to produce security hardening benchmarks for Ubuntu.
</p>
<p>
These security benchmarks contain hundreds of steps which can be prohibitively time-consuming to apply manually, so we provide the <a href="/security/certifications/docs/usg">Ubuntu Security Guide (USG)</a> - a tool based on OpenSCAP - to automate the process. USG can generate remediation scripts to harden a system in one procedure, as well as producing audit reports detailing the hardening rules that have been applied. USG profiles are available for CIS benchmarks and DISA STIGs.
</p>
<div class="row p-divider">
<div class="col-6 p-divider__block">
{{ image (
url="https://assets.ubuntu.com/v1/f98af83d-cis-logo-removebg-preview.png",
alt="",
width="50",
height="50",
hi_def=True,
loading="lazy"
) | safe
{{ image(url="https://assets.ubuntu.com/v1/f98af83d-cis-logo-removebg-preview.png",
alt="CIS",
width="50",
height="50",
hi_def=True,
loading="lazy") | safe
}}
<p>
<a href="/security/cis">Center for Internet Security (CIS) certified benchmarks for Ubuntu systems</a>
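Review bot: In the rewritten paragraph, "industry leading organizations" is missing the hyphen in the compound modifier, although this commit adds hyphens to "high-security" and "Industry-accepted" elsewhere; it should read "industry-leading organizations". On the image change, alt="CIS" sits immediately before a link whose text already spells out "Center for Internet Security (CIS)", so confirm the logo should be announced separately rather than treated as decorative like the documents image further down.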
Expand All @@ -210,14 +209,12 @@ <h3 class="p-heading--5">USG profile:</h3>
</ul>
</div>
<div class="col-6 p-divider__block">
{{ image (
url="https://assets.ubuntu.com/v1/ef01809f-DISA-logo-transparent.png",
alt="",
width="136",
height="50",
hi_def=True,
loading="lazy"
) | safe
{{ image(url="https://assets.ubuntu.com/v1/ef01809f-DISA-logo-transparent.png",
alt="DISA",
width="136",
height="50",
hi_def=True,
loading="lazy") | safe
}}
<p>
<a href="/security/disa-stig">Defence Information System Agency (DISA) Security Technical Implementation Guides (STIGs)</a>
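Review bot: The link text under the new alt="DISA" image still reads "Defence Information System Agency". The agency's name is "Defense Information Systems Agency", so both the spelling and the singular "System" are wrong, and the commit is already converting the page to US spelling ("program", "organizations"). Correct the link text in this change.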
Expand All @@ -243,7 +240,7 @@ <h3 class="p-heading--5">Configuration guides</h3>
<div class="u-fixed-width">
<h2>Ubuntu FIPS certifications</h2>
<p class="u-sv2">
We strive to make Ubuntu the platform of choice in regulated and high security environments. Ubuntu Pro enables access to the certification artifacts as well as the necessary tooling for such environments. The following is a list of the certifications available with <a href="/pro">Ubuntu Pro</a>. Click on each for more detailed information.
We strive to make Ubuntu the platform of choice in regulated and high-security environments. Ubuntu Pro enables access to the certification artifacts as well as the necessary tooling for such environments. The following is a list of the certifications available with <a href="/pro">Ubuntu Pro</a>. Click on each for more detailed information.
</p>
<div class="row p-strip--shallow p-divider u-vertically-center">
<div class="col-6 col-medium-3">
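Review bot: "high-security environments" is now hyphenated in this paragraph, but the page's h2 "Run regulated and high security workloads on Ubuntu" in the first hunk is left unhyphenated. Apply the same form in both places so the page reads consistently.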
Expand Down Expand Up @@ -276,14 +273,14 @@ <h3 class="p-heading--5">
<h2>Frequently asked questions about security certifications</h2>
<h3>How do I harden my Ubuntu system?</h3>
<p>
Hardening always involves a tradeoff with usability and performance. The default configuration of Ubuntu LTS releases, as provided by Canonical, balances between usability, performance and security. However, systems with a dedicated workload are well positioned to benefit from hardening. You can reduce your workloads attack surface by applying an Industry accepted baseline. At Canonical we recommend applying <a href="/security/cis">the Center for Internet Security (CIS) benchmarks</a> for hardening the configuration of Ubuntu.
Hardening always involves a tradeoff with usability and performance. The default configuration of Ubuntu LTS releases, as provided by Canonical, balances between usability, performance, and security. However, systems with a dedicated workload are well positioned to benefit from hardening. You can reduce your workload's attack surface by applying an Industry-accepted baseline. At Canonical we recommend applying <a href="/security/cis">the Center for Internet Security (CIS) benchmarks</a> for hardening the configuration of Ubuntu.
</p>
<h3>How do I comply with PCI-DSS?</h3>
<p>
PCI-DSS is a payment industry standard and any company that stores, processes or transmits payment card or cardholder information is required to comply with it. The standard is defined by the Payment Card Industry council and defines measures and processes to secure online financial transactions. The standard is about making business as usual processes like monitoring of security controls, timely response, review of environmental and organizational changes, as well as review of hardware and software being under support by its vendors. For companies with large volumes of transactions compliance with the standard is enforced by an audit of a Qualified Security Assessor (QSA).
PCI-DSS is a payment industry standard and any company that stores, processes, or transmits payment card or cardholder information is required to comply with it. The standard is defined by the Payment Card Industry council and defines measures and processes to secure online financial transactions. The standard is about making business as usual processes like monitoring of security controls, timely response, review of environmental and organizational changes, as well as review of hardware and software being under support by its vendors. For companies with large volumes of transactions compliance with the standard is enforced by an audit of a Qualified Security Assessor (QSA).
</p>
<p>
Achieving and maintaining compliance is a complex and costly process that involves business processes in addition to software requirements. Ubuntu by Canonical contains software and security controls, such as disk encryption, password settings configuration, <a href="/security/fips">cryptographic compliance with FIPS140-2</a>, <a href="/security/cis">CIS hardening</a> as well as <a href="/pro">a comprehensive Enterprise software maintenance program</a>, to achieve and maintain compliance with the standard.
Achieving and maintaining compliance is a complex and costly process that involves business processes in addition to software requirements. Ubuntu by Canonical contains software and security controls, such as disk encryption, password settings configuration, <a href="/security/fips">cryptographic compliance with FIPS140-2</a>, <a href="/security/cis">CIS hardening</a>, as well as <a href="/pro">a comprehensive Enterprise software maintenance program</a>, to achieve and maintain compliance with the standard.
</p>
<a href="/security/contact-us"
class="p-button--positive js-invoke-modal">Contact us</a>
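Review bot: In the hardening answer, "an Industry-accepted baseline" keeps a capital "I" mid-sentence; it should be "an industry-accepted baseline". In the PCI-DSS answer, the sentence starting "The standard is about making business as usual processes like monitoring of security controls..." never completes the verb "making" and is hard to parse; consider "The standard is about making processes such as ... business as usual". "FIPS140-2" in the last paragraph is also missing the space ("FIPS 140-2").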
Expand All @@ -293,14 +290,12 @@ <h3>How do I comply with PCI-DSS?</h3>
<section class="p-strip--light">
<div class="row">
<div class="col-4 u-hide--medium u-hide--small u-align--center">
{{ image (
url="https://assets.ubuntu.com/v1/7076ef2d-ubuntu-documents.svg",
alt="",
width="166",
height="200",
hi_def=True,
loading="lazy"
) | safe
{{ image(url="https://assets.ubuntu.com/v1/7076ef2d-ubuntu-documents.svg",
alt="",
width="166",
height="200",
hi_def=True,
loading="lazy") | safe
}}
</div>
<div class="col-8">
Expand Down
6 changes: 3 additions & 3 deletions templates/shared/_cra-banner.html
Expand Up @@ -2,10 +2,10 @@
<div class="row">
<div class="p-notification--information">
<div class="p-notification__content">
<div class="p-notification__message">Need information about the CRA? Canonical is committed to delivering Cyber Resilience Act (CRA) compliant Ubuntu. To learn more,
<a href="/security/contact-us">contact our sales team.</a>
<div class="p-notification__message">
Need information about the Cyber Resilience Act (CRA)? Canonical is committed to delivering CRA-compliant Ubuntu. To learn more, visit our dedicated webpage for understanding the CRA and its requirements, or <a href="/security/contact-us" class="js-invoke-modal">contact our sales team</a>.
</div>
</div>
</div>
</div>
</section>
</section>
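Review bot: The new banner sentence tells readers to "visit our dedicated webpage for understanding the CRA and its requirements", but the added line contains only one anchor, the /security/contact-us link. Either wrap that phrase in a link to the CRA page or drop the clause, otherwise the banner points at a page users cannot reach from it. Also confirm that the script behind the newly added js-invoke-modal class is loaded on every template that includes this shared banner, so the link does not silently fall back to plain navigation on some pages.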

0 comments on commit e58304c