Microsoft Defender ATP is now available for Linux and soon for iOS and Android


Microsoft made a number of announcements today ahead of RSAC 2020, to be held next week in San Francisco. Much of what it shared was security news, and the biggest announcement is the general availability of Microsoft Threat Protection, which uses AI to provide a correlated view of threats and automation to address them.

Another announcement worth mentioning concerns Microsoft Defender ATP: Microsoft unveiled its version for Linux and said that Android and iOS compatibility is coming. It also had news on Insider Risk Management and Azure Sentinel.

Starting with Microsoft Threat Protection (released as a public preview in December), it offers an integrated solution built into the Microsoft 365 security suite. That includes Defender Advanced Threat Protection for endpoints, Office 365 ATP for email and collaboration, Azure ATP for identity alerts, and Microsoft Cloud App Security for software-as-a-service applications.

At the beginning of this year, Microsoft shared that the custom algorithms and learning models built into Microsoft security solutions are trained on 8 billion daily threat signals.

Microsoft Threat Protection uses this AI to help security teams prioritize and act on all alerts in their organizations, and it proactively searches for threats across users, email, applications, and endpoints (Windows, macOS, and Linux). The solution investigates threats, responds to them, and automatically restores affected assets to a safe state without human intervention.

Insider Risk Management, meanwhile, is described as a personnel investigation and corporate compliance tool, and it has now reached the GA stage worldwide. It is designed to track employees' 'high risk activities' using artificial intelligence and machine learning technologies.

It also handles alerts and dashboards and takes action on reports, which may rely on other Microsoft 365 tools such as Microsoft's Advanced eDiscovery service to collect case data. Tracking potential data theft depends on the use of the Microsoft 365 HR Connector. Checking for leaked data requires the Microsoft 365 Data Loss Protection service.

For its part, Microsoft Defender ATP for Linux is also available starting today, in public preview. Following the macOS version that Apple users got in March, the Linux version supports servers running the distributions RHEL 7+, CentOS Linux 7+, Ubuntu 16 LTS or higher LTS, SLES 12+, Debian 9+ and Oracle EL 7.

This gives administrators using the Microsoft Defender ATP endpoint client access to a command line antivirus product that will feed any detected threats to the Microsoft Defender Security Center.

Although the arrival of a Linux version was not a surprise, since Microsoft had mentioned it in the past, the announcement of the iOS and Android versions was.

In a statement, Microsoft Corporate Vice President Rob Lefferts said that people can end up allowing malware on their devices by installing apps that they find outside of Google Play and that mobile devices can also be subject to phishing. He added that Defender could help companies make employees less vulnerable to such attacks.

Microsoft did not specify a timeline for releasing the iOS and Android versions, though it said they would be available later this year. Microsoft noted that "it would provide a preview of our investments in mobile threat defense with the work we are doing to bring our solutions to Android and iOS" at the RSA Conference in San Francisco next week.



2 comments, leave yours


  1.   Roberto said

    The best defense for Linux is not to install anything from Microsoft.

  2.   Mephisto Feles said

    This is just a "Trojan Horse" on the part of Microsoft showing off its "love for free software" and there will be no shortage of those who receive it with enthusiasm.
    Is there a need for a system like this in a GNU/Linux environment, even at the enterprise level?
    In a GNU/Linux environment it would only serve to protect Windows systems that interact with it, within Linux it has little or no utility.
    He is just a monstrosity born into a system riddled with flaws and insecurities that don't exist around here. And now they want us to believe that it is necessary.
    Maybe now it comes clean, but who guarantees that in the future it will not become malware or a telemetry, surveillance, tracking device ... something in which Microsoft is a master! Although the market share of Linux is still small, there are many companies that use free software and represent a temptation for MS, companies that get out of their control.
    Like the candy attracting the flies.
    Will they publish their source code? ... remains to be seen ...