Microsoft's Windows Defender ATP (Advanced Threat Protection) security software for managed corporate PCs is coming to macOS, and will be renamed to Microsoft Defender to better reflect its support for multiple platforms. Windows Defender ATP has so far been available to customers of the Microsoft 365 suite, which combines licensing for Windows 10, Office 365, and enterprise management tools into a single subscription. The software includes threat and vulnerability management and automation to allow a company's security team to quickly push fixes to all enrolled machines if or when a problem is discovered.
Microsoft gives Defender ATP subscribers access to its own experts as well as AI-powered threat detection tools. The company claims to offer protection from the world's most advanced ransomware attacks, data breaches, zero-day exploits, hardware attacks, and other forms of security threats by using machine learning and behaviour analytics. The aim is to eliminate any potential attack vector and improve a company's overall security capabilities.
A video released by Microsoft shows PCs with the Windows and Apple logos as well as Tux, the Linux penguin mascot. though there's no mention of Linux, but it would make sense for Microsoft to announce support for as many types of devices as possible.
This will be yet another move by Microsoft to offer its services and software to users of multiple platforms in order to reduce dependence on Windows. Microsoft Office has long been available for macOS and is now offered for Android and iOS as well. Recently, Windows Defender extensions were released for Google Chrome and Mozilla Firefox. This also recognises that people now have multiple devices that connect to an employer's resources and need to be covered when considering security. The company is now referring to Microsoft Defender ATP as a "unified endpoint security platform".
Microsoft Defender ATP will run on macOS Mojave, High Sierra and Sierra. An invite-only preview will soon be available for IT administrators to begin testing with, as long as they are existing Windows Defender ATP clients and have multiple Macs in their organisations. Administrative policy management tools including Microsoft Intune will be able to enable or disable specific features such as excluding file paths from detection, and manually checking for updates.
Microsoft has developed a macOS user interface that will replicate the user experience of the Windows version, and will allow Mac users to report threats online. For administrations, Mac-specific threats such as trojans will be shown within the new Microsoft Defender ATP portal dashboard.