Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

An error occurred while submitting your form. Please try again or file a bug report. Close

  1. Blog
  2. Article

Sarah Dickinson
on 26 April 2019

An introduction to AppArmor

apparmor Apps Security Snaps

Cyber attacks are becoming more sophisticated, attack frequency is on the rise, and the cost of cybercrime damage is projected to reach $6 trillion annually by 2021. Traditional defensive measures such as firewalls and intrusion detection systems that operate at the network perimeter are no longer enough to protect today’s distributed enterprise networks. Rather, a ‘defence in depth’ approach is required in order to protect all facets of an organisation’s digital infrastructure.

In an ideal world, applications would be free from security vulnerabilities but, once compromised, even a trusted application can become untrustworthy. AppArmor provides a crucial layer of security around applications. By providing the capability to whitelist an application’s permissible actions, AppArmor enables administrators to apply the principle of least privilege to applications. Once in place, AppArmor can halt attacks and minimise or prevent damage in the event of a breach.

This whitepaper provides a technical introduction to AppArmor, including:

  • Why a ‘defence in depth’ strategy should be employed to mitigate the potential damage caused by a breach
  • An explanation of AppArmor, its key features and why the principle of least privilege is recommended
  • The use of AppArmor in Ubuntu and snaps

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts

Stephanie Domas
11 August 2025

A CISO’s guide to Application Security best practices 

Hardening Article

Effective AppSec is not a one-time fix but a continuous journey across every facet of your application’s lifecycle. By embracing a Secure Software Development Lifecycle (SSDLC) from the outset, diligently uncovering potential risks, and mastering your cybersecurity fundamentals, you lay a robust foundation for resilient applications. ...

Florencia Cabral Berenfus
8 August 2025

ROS Noetic is EOL – take action to maintain fleet security

Robotics Article

As of May 2025, the Robot Operating System (ROS) Noetic Ninjemys officially reached its end of life (EOL). First released in 2020 as the final ROS (1) distribution, ROS Noetic has been the default choice for thousands of developers building on Ubuntu 20.04 LTS. For developers and businesses running mission-critical systems on ROS Noetic, ...

ijlal-loutfi
6 August 2025

Is Linux secure?

Confidential computing Article

Does operating system (OS) security matter? Meet Pal. Pal is a senior developer working at PalBank. For the next 6 months, Pal will be responsible for leading the development of the bank’s web application client, which will be used daily by millions of customers. Pal invests considerable effort into designing and implementing the most sec ...