Microsoft: Linux Defender antivirus now in public preview, iOS and Android are next

whitestar_999

Super Moderator
Staff member
Source: Microsoft: Linux Defender antivirus now in public preview, iOS and Android are next | ZDNet
Microsoft has announced the public preview of Microsoft Defender Advanced Threat Protection (ATP) antivirus for Linux, as ZDNet reported it would at some point in 2020.

The new Defender Linux endpoint protection rounds out Microsoft Defender ATP on the desktop after Microsoft added support for macOS last year and changed its name from Windows Defender ATP.

Next, Microsoft is looking to add support for mobile, bringing Microsoft Defender to iOS and Android, which it's previewing this week at the RSA Conference.

"We're aiming to protect the modern workplace environment across everything that it is, being Microsoft or non-Microsoft. We're protecting endpoints across Mac and today we're extending this endpoint protection to Linux and to iOS and Android," Moti Gindi, corporate vice president of Microsoft Threat Protection told ZDNet.

Microsoft has also announced general availability of Microsoft Threat Protection (MTP), a bundle of services that includes Microsoft Defender ATP, Office ATP, Azure ATP, and its cloud app security suite.

"We're trying to be holistic across endpoint, identity, data, and applications that relate directly or indirectly to Microsoft platforms," said Gindi.


"Of course, the fact that many organizations are using Windows and Office and Active Directory as the backbone of the cooperating systems also means we need to protect these systems."

MTP relies on Microsoft's access to vast amounts of information from different devices, email accounts, identities through Azure Active Directory, and applications such as Office 365.

The MTP service promises to help security operations-center teams understand threats across these domains by providing security experts' information in a single dashboard.

"You must be an expert in the domain, but you also need to be an expert across the domain – to stick data across endpoints, email, cloud, identity, and applications, and then connect it into to make one basis for detection, and even more importantly remediation and prevention," explained Gindi.

MTP also feeds data to Microsoft's Azure Sentinel, its cloud-based security information and event manager (SIEM) that launched publicly last September.

Sentinel gathers information from sources such as the OS, applications, antivirus, database, and server logs to build threat intelligence for security teams. MTP shares alerts and threat intelligence with Sentinel allowing security teams to view and manage threats across Microsoft and third-party security products.

MTP is available to customers on Microsoft 365 E5, Microsoft 365 E5 Security, Office 365 E5, Enterprise Mobility + Security E5, and Windows E5.

Microsoft is also making a grab for customers using cloud rival Amazon Web Services. Until the end of June 2020 Microsoft is offering a free import of data from AWS CloudTrail data into Sentinel.

AWS CloudTrail data includes logs of all event history in AWS services. There are data-retention charges after 90 days, but the Sentinel service is aimed at helping security teams identify and respond to threats in an AWS environment.

@Nerevarine @Desmond David :lol:
 

Desmond

Destroy Erase Improve
Staff member
Admin
Yeah, I read about this. But I wonder if it's really necessary. Perhaps it's more about endpoint security than anti-virus such as how you have on workstations in the workplaces.

 

whitestar_999

Super Moderator
Staff member
Maybe it is just the first step for MS to expand into the Linux market as well, & considering Linux servers/workstations are much more than Linux PCs, it seems logical too.
 

Desmond

Destroy Erase Improve
Staff member
Admin
Microsoft has already released SQL Server, VS Code, etc. for Linux. Also, most people run Linux on Azure, so it makes sense that way as well.
 

Desmond

Destroy Erase Improve
Staff member
Admin
Why not, it is just a matter of time before serious malware authors turn their full attention towards Android.
Android already has majority market share in phone OSs and therefore it already has the full attention of malware writers. However, you cannot run a system level virus on Android because all devices have locked bootloaders and are not rooted by default. The class of malware on Android is therefore mostly trojans that snoop on users or hijack their phones. Now, this malware can be avoided by savvy users who know the red flags; for the rest, there are Android anti-virus apps such as this.
 

whitestar_999

Super Moderator
Staff member
Yeah, but many have started rooting their phones without fully realising the consequences & responsibilities that come with it, & I suspect it is this category of rooted users which is currently in the minority but in future will be large enough to become an attractive target.
 

Desmond

Destroy Erase Improve
Staff member
Admin
I sincerely doubt that because phones these days are designed to be more foolproof than PCs. Users are locked out of critical components of the OS by default. If anyone wants to root their devices they have to jump through a number of hoops before accomplishing anything. And judging that the average user would not even think about doing this, I doubt too many people would root their devices, unless someone tricks them into rooting their device, or someone at a service center does it.

 

billubakra

Conversation Architect
True. Rooting is a waste of time these days. Plus, with preinstalled software like Knox there is a huge risk.
 

Vyom

The Power of x480
Staff member
Admin
Oh man... I miss the good ol' days of rooting my LG P500. But I left rooting not because of choice but because of the hoops.
LG makes it near impossible to root my LG G6 :(
Rooting may be a waste of time, but it sure can extend a device's longevity when nearing its EOL. And which is why manufacturers probably don't want to make it easy for us.
 

Desmond

Destroy Erase Improve
Staff member
Admin
Agreed. I'd never root a new device, but I will when it gets old.
 

Nerevarine

Incarnate
As if... OUTLOOK is so good, Apple wants a piece of it. Honestly, MS would rather do uBuntu than Apple any good lol
If you are unaware, Outlook and very few email apps support Microsoft Exchange service, which is a proprietary email service similar to POP or IMAP.
Most non-Linux-based product-based company mail systems rely on Microsoft Exchange. That's why it's a pain in the ass to move to Linux from a Windows or Mac device even if your job is related to web technologies etc.
evolution-ews and DavMail are the only way to run a mail client on Linux. I hate the evolution-ews interface, and the DavMail gateway is way too slow.
 

Engineer.AI

Broken In
I was SORTA unaware of the fact. Thanks for the info. Seems like you don't like the Linux based clients that well. I really am hesitant (although curious) to shift to Linux... albeit on my smaller laptop.
~Engineer.ai
 

Nerevarine

Incarnate
The Linux based clients I mentioned are primitive and try to over engineer mail client solutions instead of letting the system handle it gracefully.
Example -> Evolution EWS is a full fledged Mail + Calendar + contacts sync. It doesn't allow the system calendar to get the notifications or the system contacts app to get the contacts.
DavMail is a gateway, meaning you can use any email client with it; it converts MS Active Sync to regular IMAP. In theory, it should solve every problem I face, even calendar and contact sync work properly. Issue is it's terribly slow.
Thunderbird apparently has a plugin to support Exchange, but I gave up after DavMail and just use a pinned tab instead.
 

Engineer.AI

Broken In
That's... incredibly demotivating! One might AT THE LEAST use their weak PC for mailing purposes. But given your experiences, I don't think that is an option. Really wanted that Linux tho. So why do ppl still use it, if even mailing is such a chore!?
 