Microsoft Launches Defender ATP Endpoint Security for macOS

Microsoft Brings Defender Advanced Threat Protection to macOS

Microsoft this week announced the availability of its Microsoft 365 advanced endpoint security solution across platforms, courtesy of Mac support added to Microsoft Defender Advanced Threat Protection (ATP).

Introduced in early 2016, the tool has so far been known as Windows Defender ATP because it was available only on Microsoft’s Windows operating system. With the new launch, Microsoft has also renamed it Microsoft Defender Advanced Threat Protection (ATP).

Initially available on Windows 10 only, the tool was launched on Windows 7 and Windows 8.1 last year, and also received numerous enhancements over the past couple of years. 

The most recent improvement to Microsoft Defender ATP was the addition of Threat Experts last month, a new service to provide experts who can extend the capabilities of an organization’s security operations center.

The initial launch of Microsoft’s security solution on Mac involves a limited public preview and a new user interface meant to provide Mac users with the same experience currently available to Windows 10 users. 

Microsoft Defender ATP can be installed on devices running macOS Mojave, macOS High Sierra, or macOS Sierra. Microsoft Defender ATP customers can now apply for preview. 

In the limited preview, the anti-malware app also allows end users to review and configure their protection, including running scans (full, quick, and custom path), reviewing detected threats, and taking actions on threats (quarantine, remove, or allow).

Advanced settings will allow users to disable or enable real-time protection, cloud-delivered protection, and automatic sample submission, add exclusions for files and paths, manage notifications when threats are found, and manually check for security intelligence updates. 

Administrators will be able to disable some of these options using Microsoft Intune or other Mac management consoles, to prevent end users from making changes.

“Machines with alerts and detections will be surfaced in the Microsoft Defender ATP portal, including rich context and alert process trees. Security analysts and admins can review these alerts just as they can do today – except they’ll also see detections on Mac devices,” Microsoft explains.

Also this week, the software giant announced Threat and Vulnerability Management (TVM), a new capability within Microsoft Defender ATP, which should help security teams “discover, prioritize, and remediate known vulnerabilities and misconfigurations exploited by threat actors.”

TVM, which allows customers to evaluate the risk-level of threats and vulnerabilities and prioritize remediation, will be available as a public preview for Microsoft Defender ATP customers within the next month. 

“Threat & Vulnerability Management (TVM) serves as an infrastructure for reducing organizational exposure, hardening endpoint surface area, and increasing organizational resilience. Furthermore, it bridges security stakeholders—security administrators, security operations, and IT administrators—by allowing them to collaborate and seamlessly remediate threats,” Microsoft says.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
