Microsoft Defender for Endpoint Support for Linux = Yes

Working at Microsoft, I receive this question often. Does Microsoft defender for endpoint support non-Windows systems such as MAC and Linux. A general answer is yes since 2020, but some features are limited on MAC and Linux. A breakdown as of late last year can be found HERE.

That breakdown isn’t current though. Features such as Browser Isolation have been added to Linux. Bleeping computers posted details on this new update HERE. Browser Isolation is a growing popular feature which allows the user to use a vendor (in this case Microsoft Defender) as the browser vs local native browser. By doing this, if the user’s browser is attacked while using the Internet, the attack doesn’t attack a local browser but instead, attacks an isolated browser moving the risk of the attack away from the user’s system. Enterprise administrators can manually isolate Linux machines enrolled as part of public preview using Microsoft 365 Defender portal or via API requests.

I expect Windows systems will tend to have more capabilities over MAC and Linux however there is an aggressive feature support catchup occurring since the general goal of a EDR is to protect all assets. Hopefully this helps answer this common question.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.