Microsoft is bringing its Windows Defender anti-malware application to macOS—and more platforms in the future—as it expands the reach of its Defender Advanced Threat Protection (ATP) platform. To reflect the new cross-platform nature, the suite is also being renamed to Microsoft Defender ATP, with the individual clients being labelled “for Mac” or “for Windows.”
macOS malware is still something of a rarity, but it’s not completely unheard of. Ransomware for the platform was found in 2016, and in-the-wild outbreaks of other malicious software continue to be found. Apple has integrated some malware protection into macOS, but we’ve heard from developers on the platform that Mac users aren’t always very good at keeping their systems on the latest point release. This situation is particularly acute in corporate environments; while Windows has a range of tools to ensure that systems are kept up-to-date and alert administrators if they fall behind, a similar ecosystem hasn’t been developed for macOS.
One would hope that Defender for Mac will also trap Windows malware to prevent Mac users from spreading malware to their Windows colleagues.
The initial preview of Defender for Mac will focus on signature-based malware detection. This is just the start, however. Defender ATP for Windows tracks various system behaviors and reports them to the ATP cloud service, which can be used to detect threats even without identifying any specific piece of malware. For example, if a system is repeatedly opening and overwriting all its documents, there’s a good chance that it’s running some kind of ransomware process that’s systematically encrypting the user’s files. ATP can alert administrators that this is happening. The Mac client should over time grow to include similar reporting capabilities. Microsoft is also integrating it into other cloud services, such as Intune device management.
Those cloud services are growing ever more capable, too. Microsoft’s system-management software can already report on systems that are using insecure configurations or running out-of-date software, but Defender ATP’s new Threat & Vulnerability Management (TVM) will expand this. The various risk factors will be prioritized according to the current threat landscape—for example, updating systems running insecure software versions becomes more pressing if there’s active exploitation in the wild—so that administrators can focus on the software updates and configuration changes that offer the most bang for their buck in terms of reducing their exposure to risks.
Further, TVM will integrate with Intune and System Center Configuration Manager to push the recommended fixes to machines that need them. TVM can then track the progress of these remediation activities as they’re rolled out.
Microsoft hasn’t said explicitly which other platforms will be Defender’s next targets. However, its promotional video for Defender for Mac features a surprising number of penguins, making Linux a likely candidate.