Microsoft expands Defender capabilities for Linux systems
Defender for Endpoint customers will be able to detect and remediate advanced threats involving Linux servers


Microsoft has rolled out the public preview for its Defender for Endpoint software on Linux systems, giving IT administrators outside of the Windows 10 ecosystem a comparable level of protection.
Defender for Endpoint customers can take advantage of endpoint detection and response (EDR) capabilities to detect advanced threats involving Linux servers, use data from endpoints to gain insights, and remediate attacks.
The software supports recent versions of the six most common Linux distributions, including RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or higher, SLES 12+, Debian 9+ and Oracle Linux 7.2.
This expansion builds on the company’s general release of Microsoft Defender Advanced Threat Protection (ATP) for Linux earlier this year. This is in addition to Microsoft bolstering security for Android and iOS platforms.
With Defender ATP for Linux, which was made generally available in June 2020, enterprise customers were able to install a similar level of protection on their Linux systems as they could on Microsoft systems within their infrastructures.
Using Defender for Endpoint EDR, users can immediately begin benefiting from three new feature areas: a rich investigative experience, optimised performance, and in-context threat detection.
Features for the first category comprise a machine timeline, process creation, file creation, network connections, login events and advanced hunting. Optimised performance entails enhancing CPU utilisation in compilation procedures as well as large software deployments. In-context antivirus detections, meanwhile, give users insight into where a threat came from and how the malicious process or activity was created.
Users can engage in the public preview by configuring some of their Linux servers to Preview mode if they’re already running Microsoft Defender for Endpoint on Linux. Customers are also being encouraged to test out a simulated attack tool, in which Linux EDR can simulate a detection on a server, and trigger an investigation of the case.

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.