Microsoft Defender ATP Extends to Android Devices, Linux
Microsoft has released Defender Advanced Threat Protection (ATP) for Android devices and Linux. The cross-platform cybersecurity push reinforces CEO Satya Nadella’s strategy to expand Microsoft services far beyond Windows environments.
Defender ATP for Android enables organizations to restrict access to corporate data from Android devices that are deemed “risky,” Microsoft indicated. It also provides access to security events and alerts via Defender Security Center.
In addition, Defender ATP for Android offers the following web protection capabilities:
- Anti-Phishing: Blocks access to unsafe websites from SMS/text, WhatsApp, email, browsers and other apps.
- Network Protection: Blocks unsafe network connections.
- Custom Indicators: Enables security teams to create custom indicators to block URLs and domains for users.
A public preview version of Defender ATP for Android is available. Furthermore, Microsoft intends to roll out new capabilities for Defender ATP for Android and release Defender ATP for iOS devices later this year.
Microsoft Defender ATP for Linux
Meanwhile, Defender ATP also supports Linux distributions such as:
- Red Hat Enterprise Linux (RHEL) 7.2+
- CentOS Linux 7.2+
- Ubuntu 16 LTS, or higher LTS
- SUSE Linux Enterprise Server (SLE) 12+
- Debian 9+
- Oracle Linux 7.2
It can be deployed and configured using Puppet, Ansible, or Linux configuration management tools.
This initial release delivers preventive capabilities; a command-line experience on the client to configure and manage the agent, initiate scans and manage threats; and an integrated experience for machines and alert monitoring in the Microsoft Defender Security Center, the company says.
Cybereason Announces MDR for Android Devices
Along with Defender ATP, endpoint protection company Cybereason in April launched a Mobile MDR (Managed Detection and Response) service for Android.
Mobile MDR provides threat prevention, detection, investigation and remediation across an organization’s Android and iOS devices, workstations and laptops, the company said. It also conducts behavior-based analysis to uncover suspicious activity and uses machine learning and a big data architecture to connect events across the full attack lifecycle.