Microsoft has announced that it will introduce its enterprise security product Defender Advanced Threat Protection (ATP) to Linux in 2020. Microsoft's annual developer conference, Microsoft Ignite, has just concluded with some important Linux-related announcements. You probably already know that Microsoft introduced the Edge Web browser to Linux, and the next big news is that Microsoft is introducing Defender ATP to Linux!
Let’s take a closer look at what it is and why Microsoft is bothering to develop something for Linux.
What is Microsoft Defender ATP?
If you’ve used Windows in the past few years, you’ve definitely met Windows Defender. It’s basically Microsoft’s antivirus product, providing a degree of security by detecting viruses and malware.
Microsoft improved this functionality for its enterprise users by introducing Windows Defender ATP (Advanced Threat Protection). Defender ATP focuses on behavioral analysis. It collects usage data and stores it on the same system. However, when the behavior is found to be inconsistent, it sends the data to Azure Services (Microsoft’s cloud service), where the behavioral data and exception information are collected.
For example, if you receive an e-mail message with a PDF attachment, open it, and it opens a command prompt, Defender ATP will notice this unusual behavior. I recommend reading this article to learn more about the difference between Defender and Defender ATP.
All of this is an enterprise-class product. In large enterprises with hundreds or thousands of endpoints (computers), Defender ATP provides a good layer of protection. IT administrators can view the endpoints centrally on their Azure instances, analyze threats and take action.
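The PDF-opens-a-command-prompt case above can be expressed as a process-ancestry check. The sketch below is an added illustration, not Defender ATP's own logic or code from this article; the process names, the `ProcEvent` record and the sample events are all constructed assumptions.

```python
from dataclasses import dataclass

# Assumed, illustrative name lists; not taken from any Defender ATP rule set.
DOCUMENT_READERS = {"acrord32.exe", "evince", "okular"}
SHELLS = {"cmd.exe", "powershell.exe", "bash", "sh"}


@dataclass(frozen=True)
class ProcEvent:
    """One process-creation record (hypothetical schema)."""
    pid: int
    ppid: int
    image: str


def find_suspicious_spawns(events, max_depth=4):
    """Return (shell, reader) pairs where a shell descends from a document reader.

    Walks up to max_depth ancestors so an intermediate helper process
    between the reader and the shell does not hide the relationship.
    Assumes PIDs are unique within the batch of events.
    """
    by_pid = {e.pid: e for e in events}
    alerts = []
    for event in events:
        if event.image.lower() not in SHELLS:
            continue
        seen = {event.pid}          # guards against ppid loops in bad data
        parent = by_pid.get(event.ppid)
        depth = 0
        while parent and depth < max_depth and parent.pid not in seen:
            if parent.image.lower() in DOCUMENT_READERS:
                alerts.append((event, parent))
                break
            seen.add(parent.pid)
            parent = by_pid.get(parent.ppid)
            depth += 1
    return alerts


# Constructed sample events: a mail client opens a PDF reader, which then
# spawns a shell directly (pid 300) and through a helper (pid 501).
SAMPLE_EVENTS = [
    ProcEvent(1, 0, "explorer.exe"),
    ProcEvent(100, 1, "outlook.exe"),
    ProcEvent(200, 100, "AcroRd32.exe"),
    ProcEvent(300, 200, "cmd.exe"),         # reader -> shell: flagged
    ProcEvent(400, 1, "cmd.exe"),           # user-launched shell: ignored
    ProcEvent(500, 200, "helper.exe"),
    ProcEvent(501, 500, "powershell.exe"),  # reader -> helper -> shell: flagged
]

if __name__ == "__main__":
    for shell, reader in find_suspicious_spawns(SAMPLE_EVENTS):
        print(f"ALERT: {shell.image} (pid {shell.pid}) descends from "
              f"{reader.image} (pid {reader.pid})")
```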
Microsoft Defender ATP for Linux (and Mac)
Typically, Windows is installed on enterprise computers, but Mac and Linux are also particularly popular with developers. In an environment where Windows machines are mixed with Mac and Linux, Defender ATP must extend its services to these operating systems so that it provides overall defense for all devices on the network.
Note that Microsoft first renamed Windows Defender ATP to Microsoft Defender ATP in March 2019, indicating that the product is not limited to the Windows operating system.
Shortly thereafter, Microsoft announced the launch of the Mac version of Defender ATP.
Microsoft will now introduce Defender ATP to Linux in 2020 to cover all major operating systems in the enterprise environment.
How does Microsoft Defender ATP on Linux affect Linux users?
Because Defender ATP is an enterprise product, I don’t think you need to worry about it. Organizations need to protect their endpoints from threats, so Microsoft is also improving its products to cover Linux.
For a regular Linux user like you and me, this makes no difference. I won’t use it to “protect” my three Linux systems and pay Microsoft for it.
Feel free to share your thoughts on Microsoft’s introduction of Defender ATP to Linux in the comments section.
Author: Abhishek Prakash, author: lujun9972, translated: wxy.8, proofreading: wxy.
This article was originally compiled by LCTT, Linux China, and launched with honor