CIQ has announced the preview release of Rocky Linux from CIQ – Hardened, tailored for high-security environments, featuring strengthened password policies, memory corruption detection, kernel integrity checks, and SSH restrictions. The product is delivered through a secure supply chain with pre-configured security settings and code-level hardening to block common exploit paths. It also includes automated security updates, advanced threat detection, and top-tier support — all while maintaining full API and application binary interface (ABI) compatibility with the Enterprise Linux standard.

“The creation of Rocky Linux from CIQ – Hardened was a direct result of the countless conversations I have had with security-concerned IT executives,” said Gregory Kurtzer, CEO of CIQ. “Organizations struggle to consistently thwart security attacks across their Linux environments where even a single exploit poses a major risk. Rocky Linux from CIQ – Hardened makes it harder for malicious attackers to break into critical software infrastructure by providing a more secure foundation and defense in depth while maintaining compatibility with the Enterprise Linux standard.”

The CIQ team has researched common security threat vectors and have actively addressed limiting these in this version. The product delivers:

• System Level Hardening: Minimizes zero-day and CVE risks by eliminating many of the potential attack surfaces and common exploit vectors.
• Accelerated Risk Mitigation: Addresses security threats ahead of standard updates, significantly reducing exposure time.
• Strong Access Controls: Implements advanced password hashing, strict authentication policies and hardened access controls.
• Advanced Threat Detection: Detects sophisticated intrusions that evade traditional security with Linux Kernel Runtime Guard (LKRG).
• Simple Deployment: Delivers pre-hardened systems, saving time and resources on security configurations.
• Enterprise Linux: Compatible with the Enterprise Linux standards.

A hardened operating system is typically the baseline of an overall strategy. However, attack vectors constantly change and ensuring consistent coverage across all systems is a challenge. Rocky Linux from CIQ – Hardened is built on the standard Rocky Linux from CIQ base and is delivered and validated via secure supply chain, with all security patches and updates applied promptly. And in the case of any issues, the CIQ team provides support to help mitigate issues or troubleshoot problems.

As always, all of the CIQ open source work is done in the open and can be found in the following public Git repositories for others to leverage and contribute back to. Interested users can sign up to access and validate the technical preview of Rocky Linux from CIQ – Hardened. The preview will be available on March 20 from the CIQ customer portal and the cloud marketplaces. Additionally, a webinar outlining the details of the release will be aired on March 19, 2025.