• Microsoft Defender ATP coming to Linux, iOS and Android


    • This topic has 15 replies, 9 voices, and was last updated 5 years ago.
    #2154053

    Today, we’re announcing another step in our journey to offer security from Microsoft with the public preview of Microsoft Defender ATP for Linux. Extending endpoint threat protection to Linux has been a long-time ask from our customers and we’re excited to be able to deliver on that. We know our customers’ environments are complex and heterogenous. Providing comprehensive protection across multiple platforms through a single solution and streamlined view is more important than ever. Next week at the RSA Conference, we’ll provide a preview of our investments in mobile threat defense with the work we’re doing to bring our solutions to Android and iOS.

    https://www.microsoft.com/security/blog/?p=90583

    1 user thanked author for this post.
    • #2154072

      This announcement about Microsoft Threat Protection (MTP), including the part about Microsoft Defender ATP, seems to be directed at people in the IT departments of governments, different types of public organizations and private corporations. The MS announcement mentions its partnership with the MITRE Corporation, that researches various aspects of risks to national security and ways to defend from them and provides advice and technical help to the USA government, so this development could be taken seriously. I don’t think that is very relevant to operators of small networks, or small business, or home users. But you never know: if Microsoft Defender pans out, eventually there could be useful spinoffs for those other markets as well. I don’t know what the people that develop the various Linux distros will make of this. It should be interesting to find out.

      Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

    • #2154089

      “Extending endpoint threat protection to Linux has been a long-time ask from our customers”

      Really?!? Seriously???

      Hmmmm. No, can’t recall anyone I’ve ever met with any real technical awareness expressing a desire to port “Microsoft-level security” to their unix/linux boxen… 😉

      Maybe not a bad idea, as it would probably help protect the Windows boxes in a heterogeneous computing environment, but _only if running the software doesn’t degrade the performance or security posture of the host linux systems_.

    • #2154114

      Just a friendly reminder that Windows Defender <> Microsoft Defender ATP.

      • #2154118

        Generally available Microsoft Threat Protection (MTP) provides the built-in intelligence, automation, and integration to coordinate protection, detection, response, and prevention by combining and orchestrating into a single solution the capabilities of Microsoft Defender Advanced Threat Protection (ATP) (endpoints), Office 365 ATP (email), Azure ATP (identity), and Microsoft Cloud App Security (apps).

        This and more information, here:

        https://www.microsoft.com/security/blog/2020/02/20/microsoft-threat-protection-intelligence-automation/

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

    • #2154903

      I don’t believe I’ve ever seen such a buzzword-heavy document! The ubiquity of buzzwords in this Microsoft whitepaper motivates me to wait on further confirmation from additional stakeholders prior to accepting the premises presented by the author.

      See how that works? What I wrote sounds really “expert” in tone. However, if I write it in plain English, I don’t sound so much like an expert:

      “The fact that the document is filled with buzzwords throughout causes me to doubt what it says, because those who have nothing to say can make it sound like something brilliant if they master all of the appropriate buzzwords. I want to wait to see what others say about Microsoft Defender ATP for Linux prior to buying into it.”

      I suppose Microsoft knows what they are doing when it comes to anti-malware for Linux; but that isn’t their expertise; their expertise is in the Windows arena.

      Group "L" (Linux Mint)
      with Windows 10 running in a remote session on my file server
      • #2155183

        I have some reason to believe that the use of those buzzwords might be necessary to communicate with the personnel in charge of the IT departments of the large organizations the article seems to be aimed at. Those particular IT people use some pretty narrowly defined and stilted vocabulary in the formal writing of contracts, regulations, courses (such as the one I have to take once a year on IT Security), etc. So it might not be just some PR person trying to create a big impression. But there might be some of that too.

        In any event, it does not look to me like this concerns, at this time, small-time users such as myself and many others around here. Even those that administer small networks.

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

        • #2169302

          Whenever I see so many buzzwords, I automatically assume that they are trying to sell me something. I never think that they are accurately describing something.

          Group "L" (Linux Mint)
          with Windows 10 running in a remote session on my file server
          1 user thanked author for this post.
    • #2159119

      Microsoft’s Defender Advanced Threat Protection is coming to iOS and Android

      I never could find out from Microsoft: 1. How I could purchase a license to this 2. How much it costs per month or per year 3. How it compares with other solutions such as Webroot.

      Nathan Parker

      • #2169295

        When did you ask? It was only announced yesterday as a plan for the future.

        2 users thanked author for this post.
        • #2169598

          I asked a while back when they started rolling it out for just Windows PCs (and I had a Windows PC). I had Office 365 and Office 365 ATP in a Small Business environment, so I was curious as to whether Defender ATP would offer me better protection and centralize my subscriptions than a third-party service. I never could get any details on pricing on it though and comparisons to third-party solutions.

          Nathan Parker

          1 user thanked author for this post.
    • #2169289

      Isn’t this a more enterprise level product? Not something for just a single or few computers but hundreds or thousands??

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      2 users thanked author for this post.
      • #2169356

        Wavy: I think, yes, it looks that way reading the document. If it were meant to be sold to us teeming millions, it would not be going on about things most of us are unlikely to want, need or be able to use. Unless the bundle of services described there can be broken up and some bits made available to those of us that could and would use them.

        As to MrJimPhelps’s last comment ( #2169302 ), in line with an earlier one of his also here, I say: businesspeak mealymouthed pomposity has gradually corrupted everyday language, particularly the use of long “difficult” words (e.g. “Momentarily” instead of “soon” or “shortly”) by advertising copywriters and PR people to give the appearance of gravitas and/or superior knowledge in order to impress us rubes. So the use here of some of such vocabulary, because it has become the standard one to use in formal communications, cannot be ruled out entirely.

        So it is hard for me to know, at least in this case, whether this is just a glorified ad to sell something to the big bosses that decide what to buy, or is mainly a straight description of a service bundle made using accepted, if awkward, jargon. Or both. Fortunately, in my situation, I can ignore this thing and go on my merry way. For now, at least…

        But what might the Linux developers make of this? I would love to hear about that — if there is anything to hear, that is.

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

        1 user thanked author for this post.
        • #2170823

          I think Linux developers would be even more suspicious than Windows folks when they hear or read a lot of buzzwords. The Linux world is pretty straightforward and open source, so buzzwords for the sake of bluffing someone would be spotted immediately.

          Group "L" (Linux Mint)
          with Windows 10 running in a remote session on my file server
          1 user thanked author for this post.
    • #2169367

      But what might the Linux developers make of this? I would love to hear about that — if there is anything to hear, that is.

      Maybe of interest to Linux server farms with lots of Windows VMs. Or maybe the easily duped managers…

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      1 user thanked author for this post.
    • #2212321

      “Filled with buzzwords” Or as Woody calls such Bizspeak, Bafflegab!

      Linux developers extended ClamAV to include Windows and other platforms. So why not have Microsoft extend ATP for Linux? In itself it’s neither fish nor fowl.

      But this is Microsoft we are looking at here. So remember the Three E’s: Embrace, Extend, Extinguish!

      -- rc primak

      2 users thanked author for this post.