Microsoft Launches Defender ATP Endpoint Security for macOS

Microsoft Brings Defender Advanced Threat Protection to macOS

Microsoft this week announced the availability of its Microsoft 365 advanced endpoint security solution across platforms, courtesy of Mac support added to Microsoft Defender Advanced Threat Protection (ATP).

Introduced in early 2016, the tool has so far been known as Windows Defender ATP, because it was available only on Microsoft’s Windows operating system. With the new launch, Microsoft also changed its name to Microsoft Defender Advanced Threat Protection (ATP).

Initially available on Windows 10 only, the tool was launched on Windows 7 and Windows 8.1 last year, and also received numerous enhancements over the past couple of years. 

The most recent improvement to Microsoft Defender ATP was the addition of Threat Experts last month, a new service to provide experts who can extend the capabilities of an organization’s security operations center.

The initial launch of Microsoft’s security solution on Mac involves a limited public preview and a new user interface meant to provide Mac users with the same experience currently available to Windows 10 users. 

Microsoft Defender ATP can be installed on devices running macOS Mojave, macOS High Sierra, or macOS Sierra. Microsoft Defender ATP customers can now apply for the preview.

In the limited preview, the anti-malware app also allows end users to review and configure their protection, including running scans (full, quick, and custom path), reviewing detected threats, and taking actions on threats (quarantine, remove, or allow).

Advanced settings will allow users to disable or enable real-time protection, cloud-delivered protection, and automatic sample submission, add exclusions for files and paths, manage notifications when threats are found, and manually check for security intelligence updates. 

Administrators will be able to disable some of these options using Microsoft Intune or other Mac management consoles, to prevent end users from making changes.

“Machines with alerts and detections will be surfaced in the Microsoft Defender ATP portal, including rich context and alert process trees. Security analysts and admins can review these alerts just as they can do today – except they’ll also see detections on Mac devices,” Microsoft explains.

Also this week, the software giant announced Threat and Vulnerability Management (TVM), a new capability within Microsoft Defender ATP, which should help security teams “discover, prioritize, and remediate known vulnerabilities and misconfigurations exploited by threat actors.”

TVM, which allows customers to evaluate the risk level of threats and vulnerabilities and prioritize remediation, will be available as a public preview for Microsoft Defender ATP customers within the next month.

“Threat & Vulnerability Management (TVM) serves as an infrastructure for reducing organizational exposure, hardening endpoint surface area, and increasing organizational resilience. Furthermore, it bridges security stakeholders—security administrators, security operations, and IT administrators—by allowing them to collaborate and seamlessly remediate threats,” Microsoft says.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
