iGuRu


Microsoft ATP endpoint detection on Linux

18/11/2020 09:44 by Anastasis Vasileiadis

Microsoft today announced a public preview of Endpoint Detection and Response (EDR) capabilities on Linux servers running Microsoft Defender Advanced Threat Protection (ATP) - now known as Microsoft Defender for Endpoint.


The addition of EDR capabilities allows security analysts to detect attacks on Linux servers in almost real time through alerts that are automatically grouped into incidents based on the attacker's behavior and techniques.

"It simply came to our notice then preventive capabilities against viruses and summary reports available through the Microsoft Defender Security Center," said Tomer Hevlin, Senior Product Manager at Microsoft.

The EDR features of Microsoft Defender for Endpoint on Linux provide administrators with:

• Rich investigation experience: including machine timeline, process creation, file creation, network connections, login events and, of course, the popular advanced hunting.
• Optimized performance: Improved CPU usage in editing processes and large software applications.
• AV detections in context: just like with Windows, find out where a threat came from and how the malicious process or activity was created.

Support for Linux devices

Microsoft Defender for Endpoint was made available to corporate customers with Linux devices earlier this year, in June.

Defender for Endpoint on Linux comes in the form of a command-line product that sends all detected threats to the Microsoft Defender Security Center.

EDR capabilities are currently available on Linux server distributions supported by Microsoft Defender for Endpoint: RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or later LTS, SLES 12+, Debian 9+, and Oracle Linux 7.2.


More information on how to quickly simulate attacks using EDR for Linux can be found here.

Microsoft ATP endpoint detection on Linux was last modified: 18 November, 2020, 9:44 am by Anastasis Vasileiadis
