Microsoft Brings Defender Advanced Threat Protection to macOS
Microsoft this week announced the availability of its Microsoft 365 advanced endpoint security solution across platforms, courtesy of Mac support added to Microsoft Defender Advanced Threat Protection (ATP).
Introduced in early 2016, the tool has been so far known as Windows Defender ATP, due to the fact that it has been available on Microsoft’s Windows operating system only. With the new launch, Microsoft also changed its name to Microsoft Defender Advanced Threat Protection (ATP).
Initially available on Windows 10 only, the tool was launched on Windows 7 and Windows 8.1 last year, and also received numerous enhancements over the past couple of years.
The most recent improvement to Microsoft Defender ATP was the addition of Threat Experts last month, a new service to provide experts who can extend the capabilities of an organization’s security operations center.
The initial launch of Microsoft’s security solution on Mac involves a limited public preview and a new user interface meant to provide Mac users with the same experience currently available to Windows 10 users.
Microsoft Defender ATP can be installed on devices running macOS Mojave, macOS High Sierra, or macOS Sierra. Microsoft Defender ATP customers can now apply for preview.
In the limited preview, the anti-malware app also allows end users to review and perform configuration of their protection, including running scans (full, quick, and custom path), reviewing detected threats, and taking actions on threats (quarantine, remove, or allow).
Advanced settings will allow users to disable or enable real-time protection, cloud-delivered protection, and automatic sample submission, add exclusions for files and paths, manage notifications when threats are found, and manually check for security intelligence updates.
Administrators will be able to disable some of these options using Microsoft Intune or other Mac management consoles, to prevent end users from making changes.
“Machines with alerts and detections will be surfaced in the Microsoft Defender ATP portal, including rich context and alert process trees. Security analysts and admins can review these alerts just as they can do today – except they’ll also see detections on Mac devices,” Microsoft explains.
Also this week, the software giant announced Threat and Vulnerability Management (TVM), a new capability within Microsoft Defender ATP, which should help security teams “discover, prioritize, and remediate known vulnerabilities and misconfigurations exploited by threat actors.”
TVM, which allows customers to evaluate the risk-level of threats and vulnerabilities and prioritize remediation, will be available as a public preview for Microsoft Defender ATP customers within the next month.
“Threat & Vulnerability Management (TVM) serves as an infrastructure for reducing organizational exposure, hardening endpoint surface area, and increasing organizational resilience. Furthermore, it bridges security stakeholders—security administrators, security operations, and IT administrators—by allowing them to collaborate and seamlessly remediate threats,” Microsoft says.
Related: Chrome, Firefox Get Windows Defender Application Guard Extensions
Related: Microsoft Unveils New Azure, Windows Defender ATP Tools