Contact Us

Microsoft expands Defender capabilities for Linux systems

Cloud

Microsoft has rolled out the public preview for is Defender for Endpoint software on Linux systems, giving IT administrators outside of the Windows 10 ecosystem a comparable level of protection.

Defender for Endpoint customers can take advantage of endpoint detection and response (EDR) capabilities to detect advanced threats involving Linux servers, use data from endpoints to gain insights, and remediate attacks.

The software supports recent versions of the six most common Linux distributions, including RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or higher, SLES 12+, Debian 9+ and Oracle Linux 7.2. 

This expansion builds on the company’s general release of Microsoft Defender Advanced Threat Protection (ATP) for Linux earlier this year. This is in addition to Microsoft bolstering security for Android and iOS platforms.

With the Defender ATP for Linux, which was made generally available from June 2020, enterprise customers were able to install a similar level of protection on their Linux systems as they could on Microsoft systems within their infrastructures.

Using Defender for Endpoint EDR, users can immediately begin benefiting from three new feature areas including a rich investigative experience, optimised performance, and in-context threat detection. 

Features for the first category comprise a machine timeline, process creation, file creation, network connections, login events and advanced hunting. Optimised performance entails enhancing CPU utilisation in compilation procedures as well as large software deployments. In-context antivirus detections, meanwhile, gives users insight as to where a threat came from and how the malicious process or activity was created.

Users can engage in the public preview by configuring some of their Linux servers to Preview mode if they’re already running Microsoft Defender for Endpoint on Linux. Customers are also being encouraged to test out a simulated attack tool, in which Linux EDR can simulate a detection on a server, and trigger an investigation of the case. 

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google
Spotify
Consent to display content from Spotify
Sound Cloud
Consent to display content from Sound