Microsoft Defender shows off endpoint detection and response capabilities for Linux

(Image credit: Shutterstock)

As a testament to Microsoft’s growing support for Linux, the new public preview of Microsoft’s endpoint detection and response (EDR) product now extends to Linux servers as well.

With its expanded mandate, the product has now been renamed as Microsoft Defender for Endpoint. 

Announcing the public preview of the rechristened product, Tomer Hevlin, a Senior Product Manager at Microsoft wrote that “with the new Linux EDR capabilities, Defender for Endpoint customers will have the ability to detect advanced attacks that involve Linux servers, utilize rich experiences, and quickly remediate threats.”

All around protection

The new announcement compliments a significant release earlier in the year. Back in June 2020, the software giant had extended the Microsoft Defender Advanced Threat Protection (ATP) product to protect its enterprise customers with Linux devices.

With that announcement Microsoft released the command-line Linux Defender agent that admins could deploy and configure on Linux endpoints using popular configuration management tools like Ansible and Puppet. The release helped Microsoft extend its protection capabilities to non-Windows platforms. 

The latest announcement builds on top of the previous announcement and now adds EDR capabilities to Linux servers as well.

The preview of the new Microsoft Defender for Endpoint officially supports six Linux server distributions including distributions based on Red Hat Enterprise Linux v7.2 and newer, such as RHEL, CentOS and Oracle Linux. You can also preview the release on Ubuntu LTS releases newer than 16.04 as well as on SLES 12+, and Debian 9+.

Follow the announcement for instructions on how to test the new capabilities on your Linux servers by simulating an attack.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.