Home > Research > Microsoft Defender ATP for Linux Servers on Public Preview

Microsoft Defender ATP for Linux Servers on Public Preview

Similar to how Microsoft Defender Advanced Threat Protection (ATP) was deployed for MacOS earlier last year, Microsoft is debuting its endpoint protection agent to Linux on servers for public preview. Customers will be able to pilot the solution and provide feedback prior to Microsoft fully deploying the solution. Microsoft ATP for Linux is expected to be generally available by the end of 2020.

Microsoft ATP for Linux can run on the following Linux server distributions:

  • RedHat Enterprise Linux 7 or higher
  • Ubuntu 16.04 LTS or higher
  • CentOS 7 or higher
  • SUSE Linux Enterprise Server 12 or higher
  • Debian 9 or higher
  • Oracle Enterprise Linux

Note: The initial public preview will not include all remediation action capabilities seen in the Windows compatible Microsoft ATP solution.

Above: Alerts and events feed into Microsoft Defender Security Center.
Source: Microsoft

Our Take

Microsoft strategically moves its agenda forward by providing comprehensive endpoint security. Its expanded scope and single console across all platforms (Windows, Mac, Linux) address the common customer pain points of monitoring and maintaining multiple system and technology solution dashboards throughout the day. While it is not uncommon to offer endpoint protection across these platforms in a single-threat protection environment, the plan to extend into all endpoint channels is a much-needed effort if Microsoft wants to stay competitive in the endpoint security market. Therefore, Microsoft’s strategy is applauded, and it creates a level of anticipation around how the Linux platform will hold up in performance – particularly when run in conjunction with other third-party endpoint protection product variants (e.g. EDR, AV, EPP).

Source: Software Reviews Endpoint Protection, Report Published March 2020


Want to Know More?

Debunk Machine Learning Endpoint Security Solutions