March 27, 2019
Microsoft will extend its Windows Defender software to include computers running macOS. In the process, the company renamed the software from Windows Defender ATP to Microsoft Defender Advanced Threat Protection (ATP). The dedicated Mac-based Defender ATP will perform quick or full scans and offer complete virus and threat protection. Businesses with a mix of PCs and Macs will have the opportunity to test out the software; currently, it is only available to business clients.
The Verge reports that, “Microsoft is using its AutoUpdate software on macOS to keep the client up to date, and it will be available on devices running macOS Mojave, macOS High Sierra, or macOS Sierra.” It added that Microsoft has not revealed whether it plans a consumer version for the Mac. Currently, Defender is built into Windows 10.
According to Microsoft corporate vice president of security Rob Lefferts, on February 28 the company launched “Microsoft Threat Experts, a new managed hunting service within the Microsoft 365 Security portfolio” that offers customers “the help of Microsoft security professionals.” This release, he said, “showcased our philosophy that security is about leveraging cloud services.”
In addition to extending the software to the Mac platform, Lefferts explained that Microsoft is “making Threat and Vulnerability Management (TVM) capabilities available in Microsoft Defender ATP to discover, prioritize, and remediate threats and vulnerabilities, available today in preview.”
The capabilities, intended to “build on the strong security advancements” and reduce organizational risk, leverage Microsoft’s “endpoint sensors for real-time visibility, worldwide optics of Microsoft and third-party installed applications, and threat intelligence to help our customers prioritize and focus on the weaknesses that pose the highest risk to their organization right now.”
Threat and Vulnerability Management allows customers “to evaluate the risk level of threats and vulnerabilities and prioritize remediation based on signals they receive from Microsoft Defender ATP.” Among the new features are “real-time detection insights correlated with endpoint vulnerabilities; machine vulnerability context during incident investigations; and built-in remediation processes through integration with Microsoft Intune and Microsoft System Center Configuration Manager.”
Microsoft will make TVM available as a public preview for Defender ATP customers sometime in April. More information is available on the company’s Tech Blog. Customers can sign up for a limited preview, which will add “Endpoint Detection and Response, as well as TVM capabilities, during the preview program.”