Microsoft Defender ATP adds live response for Linux and macOS (October 2021)

Microsoft has announced the addition of new live response capabilities for macOS and Linux to Defender for Endpoint, the enterprise version of Redmond's Windows 10 Defender antivirus.
They are designed to help security operations teams trigger response actions straight from the live response interface during incident investigations.
Other response actions added today for macOS and Linux customers also enable them to collect info on attackers' tools and techniques, and remotely trigger antivirus scans to detect and remediate malware infections on compromised devices.
"With live response, you have the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats - in real-time," Microsoft said.
Microsoft Defender for Endpoint was made generally available for macOS devices in May 2019 and expanded to Linux and Android devices in June 2020.
Earlier this year, in April 2021, Microsoft also announced that Microsoft Defender for Endpoint supports Windows 10 on Arm devices.