Microsoft expands Defender capabilities for Linux systems

Defender for Endpoint customers will be able to detect and remediate advanced threats involving Linux servers

Microsoft has rolled out the public preview for is Defender for Endpoint software on Linux systems, giving IT administrators outside of the Windows 10 ecosystem a comparable level of protection.

Defender for Endpoint customers can take advantage of endpoint detection and response (EDR) capabilities to detect advanced threats involving Linux servers, use data from endpoints to gain insights, and remediate attacks.

The software supports recent versions of the six most common Linux distributions, including RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or higher, SLES 12+, Debian 9+ and Oracle Linux 7.2. 

This expansion builds on the company’s general release of Microsoft Defender Advanced Threat Protection (ATP) for Linux earlier this year. This is in addition to Microsoft bolstering security for Android and iOS platforms.

With the Defender ATP for Linux, which was made generally available from June 2020, enterprise customers were able to install a similar level of protection on their Linux systems as they could on Microsoft systems within their infrastructures.

Using Defender for Endpoint EDR, users can immediately begin benefiting from three new feature areas including a rich investigative experience, optimised performance, and in-context threat detection. 

Features for the first category comprise a machine timeline, process creation, file creation, network connections, login events and advanced hunting. Optimised performance entails enhancing CPU utilisation in compilation procedures as well as large software deployments. In-context antivirus detections, meanwhile, gives users insight as to where a threat came from and how the malicious process or activity was created.

Users can engage in the public preview by configuring some of their Linux servers to Preview mode if they’re already running Microsoft Defender for Endpoint on Linux. Customers are also being encouraged to test out a simulated attack tool, in which Linux EDR can simulate a detection on a server, and trigger an investigation of the case. 

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

Sopra Steria cyber attack costs to hit €50 million
Security

Sopra Steria cyber attack costs to hit €50 million

26 Nov 2020
Sophos warns customers of potential data leak
Security

Sophos warns customers of potential data leak

26 Nov 2020
Weekly threat roundup: VMware, GitHub, Facebook, and MobileIron
Security

Weekly threat roundup: VMware, GitHub, Facebook, and MobileIron

26 Nov 2020
Egregor ransomware could take up where Maze left off
Security

Egregor ransomware could take up where Maze left off

26 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
Huawei Mate 40 Pro 5G review: A tragically brilliant Mate
Mobile Phones

Huawei Mate 40 Pro 5G review: A tragically brilliant Mate

26 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020