The Defense Information Systems Agency recently released the draft Canonical Ubuntu 22.04 Security Technical Implementation Guide (STIG) Security Content Automation Protocol (SCAP) benchmark snapshot for review.

The draft benchmark is a snapshot of SCAP content developed for the technology and does not include the full spectrum of content expected to be included in the final release of the benchmark.

Customers who possess a Common Access Card that has valid Department of Defense certificates can submit comments and/or recommended changes to the draft benchmark snapshot by 21 January 2025 on the comment matrix spreadsheet, which is located with the benchmark at https://cyber.mil/stigs/downloads/.

The draft benchmark snapshot and comment matrix are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.

Please limit comments and recommendations in the comment matrix to those that address the benchmark. Questions regarding the manual STIG should be sent to dod.cyberexchange@mail.mil.

Please email comments to disa.stig_spt@mail.mil and include the title and version of the benchmark in the subject line.

Users who are unable to find and download these files or other content can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil.