Microsoft released an Advanced Threat Protection (ATP) program for Linux and Android users to enhance endpoint security.
The Microsoft Defender Advanced Threat Protection program is designed to protect Linux servers from various threats. This version of the program is not meant for your desktop (GUI); there you can instead use a product such as Sophos or ClamAV.
Microsoft Defender Advanced Threat Protection (ATP) For Linux
This program may help sysadmins and security professionals to perform virus scans and reconnaissance.
“Adding Linux into the existing selection of natively supported platforms by Microsoft Defender ATP marks an important moment for all our customers. It makes Microsoft Defender Security Center a truly unified surface for monitoring and managing security of the full spectrum of desktop and server platforms that are common across enterprise environments (Windows, Windows Server, macOS, and Linux),” noted Helen Allas, a principal program manager at Microsoft.
Microsoft Defender Advanced Threat Protection (ATP) now supports these Linux server distros:
- RHEL 7.2+
- CentOS Linux 7.2+
- Ubuntu 16 LTS, or higher LTS
- SLES 12+
- Debian 9+
- Oracle Linux 7.2
“This initial release delivers strong preventive capabilities, a full command line experience on the client to configure and manage the agent, initiate scans, manage threats, and a familiar integrated experience for machines and alert monitoring in the Microsoft Defender Security Center,” Allas explained.
Antivirus alert information:
- Scan type
- Device information (see below for details)
- File information (name, path, size, and hash)
- Threat information (name, type, and state)
- Machine identifier
- Tenant identifier
- App version
- OS type
- OS version
- Computer model
- Processor architecture
- Whether the device is a virtual machine
Microsoft Defender Advanced Threat Protection (ATP) For Android
Microsoft announced Defender ATP for Android as well. Microsoft Defender will add another layer of protection, such as blocking access to adware, malware-infected apps/sites, and phishing sites, and blocking network threats.
- Web protection
- Malware scanning
- Blocking access to sensitive data
- Unified SecOps experience
A notification will appear asking users to take action or dismiss it.