Microsoft’s enterprise security platform Windows Defender Advanced Threat Protection (ATP) can now protect macOS devices in addition to Windows 10 ones, Microsoft announced today.
To reflect its coverage of non-Windows operating systems, Microsoft has also decided to rename its next-gen anti-malware product Microsoft Defender ATP.
Microsoft Defender ATP for Mac is available now in limited preview and follows the February expansion of the security service beyond Windows 10 to Windows 7 and Windows 8.1.
Microsoft Defender ATP gives customers the ability to prevent, detect, investigate, and respond to advanced malware attacks. Enterprise security teams can collect sensor data from Windows 10 and now Mac devices, store it in a private cloud instance of Microsoft Defender ATP, and then use Microsoft’s cloud security analytics services to convert the data into threat intelligence.
Customers that sign up will get “next-gen antivirus protection on Mac” for now. However, during the preview Microsoft intends to add its endpoint detection and response capabilities, which give security analysts alerts so that they can quickly investigate a breach and remediate issues on affected devices.
Microsoft Defender ATP for Mac will also be gaining a new capability called Threat and Vulnerability Management (TVM), which will be available in a public preview by the end of April.
Microsoft notes it has been working with partners to deliver Windows Defender ATP to Mac and Linux devices, while this new service for Macs is its first-party solution.
Admins can install Microsoft Defender ATP on macOS Mojave, High Sierra, or Sierra, where it offers an experience and user interface similar to those available on Windows 10 devices.
Users will have the option to configure advanced settings in Microsoft Defender ATP, but admins can disable these options. It also features AutoUpdate, where the app can be set to automatically receive updates.
Macs with Microsoft Defender ATP can report alerts and detections to the Microsoft ATP portal so that admins can review them alongside Windows 10 alerts.
And for anyone doubting that a Mac could benefit from Microsoft Defender ATP protection, Microsoft offers a reminder that it can detect KeRanger, the first ransomware to target macOS.
TVM, also announced today, takes “a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations”, according to Microsoft.
TVM features as a new dashboard in the Windows Defender Security Center app, displaying an ‘exposure score’ and ‘configuration score’.
The scores are based on sensor data that provides an inventory of devices showing vulnerability and security configuration data; a software inventory, including installations, uninstallations and patches; data about vulnerable runtime libraries being loaded by other apps; and configuration data to identify devices with disabled antivirus, enabled SMBv1, and configurations that could give attackers a way to escalate privileges.
“We’re leveraging our endpoint sensors for real-time visibility, worldwide optics of Microsoft and third-party installed applications, and threat intelligence to help our customers prioritize and focus on the weaknesses that pose the highest risk to their organization right now,” said Rob Lefferts, corporate vice president of Microsoft Security.
The new features follow last month’s launch of Azure Sentinel, Microsoft’s “cloud-native Security Information and Event Management (SIEM) tool”, and the Windows Defender ATP managed threat hunting service, Microsoft Threat Experts.