Microsoft’s server-based Linux security program is now generally available to guard your Linux servers, Windows desktops, and Macs. It’s surprising, but Microsoft now produces Linux security programs. However, Linux desktop users will still have to wait, as this version ain’t for them.
The job of Microsoft Defender is to protect Linux servers against network and server threats.
With the latest EDR capabilities, Linux Defender users can identify advanced attacks that involve Linux servers as well as Macs and Windows desktops, make use of the rich investigation experience, and promptly resolve threats.
The latest version of Microsoft’s security program for Linux incorporates:
- Rich investigation experience, which includes machine timeline, process creation, file creation, network connections, login events, and advanced hunting.
- Optimized performance: enhanced CPU utilization in compilation procedures and large software deployments.
- In-context AV detections: similar to Windows, you will get insight into where a threat came from and how the malicious process or activity was created.
- Custom detections, on top of its other threat-hunting capabilities.
The comprehensive suite of Microsoft Defender EDR capabilities is supported across the following popular Linux server distributions:
- RHEL 7.2+
- CentOS Linux 7.2+
- Ubuntu 16 LTS, or higher LTS
- SLES 12+
- Debian 9+
- Oracle Linux 7.2
With Linux configuration management tools like Puppet, Ansible, or others, you can deploy and configure the Linux solution.
To run Microsoft Defender for Endpoint on Linux, you’ll require a server license. If you are currently testing the public preview, update the agent to released version 101.18.53 or higher. If you are already running it in production, your devices will seamlessly get the latest EDR capability as soon as you update the agent to version 101.18.53 or higher.