Microsoft Defender for Endpoint Adds Linux Support

Microsoft announced last week that the Threat and Vulnerability Management capabilities in its Microsoft Defender for Endpoint security solution now protects Linux-based devices.

The enhancements are said to make Microsoft Defender for Endpoint (formerly known as "Microsoft Defender Advanced Threat Protection") into a cross-platform security solution. Microsoft Defender for Endpoint is used to protect devices, as well as to conduct post-breach investigations.

Linux Support
Microsoft has offered protections for Windows-based and macOS-based devices in Microsoft Defender for Endpoint, but the product can now remediate vulnerabilities in devices running "RHEL [Red Hat Enterprise Linux], CentOS and Ubuntu" Linux distros.

Microsoft is planning to expand that Linux device support, as well. It will "shortly" add Threat and Vulnerability Management support for "Oracle Linux, CentOS, SUSE and Debian" Linux operating systems at some point.

Mobile Linux support for Android and iOS devices also will be coming to the product. Microsoft expects to add Threat and Vulnerability Management protections for Android and iOS sometime "later this summer." 

Secure Configuration Assessment
Microsoft's Threat and Vulnerability Management capabilities also now include the ability to assess the configurations used for Linux and macOS devices, according to an announcement last week.

This so-called "secure configuration assessment" feature lets IT pros find and fix "device misconfigurations that deviate from security best practices." At present, this feature can identify "over 30 known unsecure configurations" in Linux and macOS devices.

Microsoft has had this secure configuration assessment capability available for Windows-based devices, but now it's just now been extended to Linux and macOS devices. Apparently, the Linux and macOS support is at the preview stage, though.

Microsoft is planning to add the secure configuration assessment capability for Linux and macOS devices as part of Microsoft Secure Score, which is a service designed to measure an organization's overall security posture. Microsoft Secure Score currently is part of the Microsoft 365 Security Center portal.

When the secure configuration capability reaches "general availability," or commercial release, it'll then be available via Secure Score, Microsoft indicated, although the timing wasn't described.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


comments powered by Disqus

Subscribe on YouTube