Microsoft launches Microsoft Defender ATP for Linux and Android

Microsoft Defender ATP is Microsoft's endpoint security solution for enterprises, which helps enterprise networks detect, prevent, investigate, and respond to advanced security threats. Microsoft previously released Microsoft Defender ATP for Windows 10 and macOS, and it now supports the Linux and Android operating systems, which largely completes its platform coverage (an iOS version comes later this year).

The Linux distributions currently supported are:

Red Hat Enterprise Edition RHEL 7.2 and higher, CentOS 7.2 and higher, Ubuntu 16.04 LTS and higher, Debian 9 and higher, SUSE Linux Enterprise Server 12 and higher, and Oracle Linux 7.2 and higher.

Microsoft said that it will add new features to the Linux version in the next few months. The current features include prevention functions, configuration and management agents, startup scanning, threat management, and a complete command-line experience. It can also be integrated with Microsoft Defender Security Center to monitor and report on computer threats.

The functions currently provided for the Android version include:

  • Protection from phishing and access to risky domains and URLs through web protection capabilities that will block unsafe sites accessed through SMS/text, WhatsApp, email, browsers, and other apps. We’re using the same Microsoft Defender SmartScreen services that are on Windows to quickly detect malicious sites which means that a decision to block a suspicious site will apply across all devices in the enterprise.
  • Proactive scanning of malicious applications, files, and potentially unwanted applications (PUA) that users may download to their mobile devices. Our capabilities and investments in cloud-powered protection and intelligence on application reputation allow us to quickly detect sophisticated malware and apps that may display undesirable behavior.
  • Adding layers of protection to help prevent and limit the impact of breaches in an organization. By leveraging tight integration with Microsoft Endpoint Manager and Conditional Access, mobile devices that have been compromised with malicious apps or malware are considered high risk and are blocked from accessing corporate resources.
  • A unified security experience through Microsoft Defender Security Center where defenders can see alerts and easily get the additional context they need to quickly assess and respond to threats across Windows, Mac, Linux, and now mobile devices.

Microsoft also promised to bring more new features to the Android version in the coming months. Which new features will come to the Linux and Android versions is not yet known.