Microsoft Defender ATP now secures networked Linux, macOS devices

Microsoft has added support for identifying and assessing the security configurations of Linux and macOS endpoints on enterprise networks using Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection).

The secure configuration assessment feature is now in public preview, and it has expanded to include macOS and Linux devices after initially only supporting Windows 10 and Windows Server devices.

“With this expansion, organizations can now discover, prioritize, and remediate over 30 known unsecure configurations in macOS and Linux to improve their organization’s security posture,” Gilad Mittelman, Senior Product Manager at Microsoft, said.

“We’ll be continuously expanding on the initial set of supported configuration assessments to provide more visibility into your security posture.”

This feature is implemented as a component of Microsoft Secure Score for Devices, which is used to gauge the security state of enterprise networks and to increase the overall security of an organization’s endpoints.

A higher Microsoft Secure Score for Devices means endpoints on your organization’s network are more resilient against cybersecurity attacks.

Once it reaches general availability, the macOS and Linux configuration assessments will move to the Microsoft Secure Score dashboard.

macOS security configuration assessment (Microsoft)

This newly added Microsoft Defender for Endpoint feature identifies misconfigured systems and provides recommended actions to increase security.

It does that by evaluating the security configuration state of enterprise network devices across the operating system, application, network, accounts, and security controls categories.

To increase your endpoints’ overall security, you have to remediate the issues added to the security recommendations list.

Your Microsoft Secure Score for Devices will also improve as you go through the security recommendations and address them one at a time, making your org’s entire network more resilient against cybersecurity threats and vulnerabilities.

The procedure you need to follow to address the issues found by Microsoft Secure Score for Devices while assessing your Linux and macOS network devices is available here.

Microsoft Defender for Endpoint was made generally available for Macs in May 2019, and it expanded to Linux devices one year later, in June 2020.

Starting with October 2020, Microsoft Defender for Endpoint also provides admins with a report that helps them keep track of vulnerable Windows and macOS devices within their organization’s environment.

Defender for Endpoint can also help admins discover OS and software vulnerabilities impacting their macOS endpoints.