Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization’s network.
With the enterprise endpoint security platform’s threat and vulnerability management feature now generally available for macOS, security admins can decrease endpoints’ surface attack area and therefore increase their organization’s resilience exposure against incoming attacks.
“This capability expansion enables organizations to discover, prioritize, and remediate both software and operating system vulnerabilities on devices running macOS,” Microsoft Senior Product Manager Tomer Reisner said.
“After onboarding your macOS devices to Microsoft Defender for Endpoint, you’ll get the latest security recommendations, review recently discovered vulnerabilities in installed applications, and issue remediation tasks, just like you can with Windows devices.”
Today, Microsoft also announced the inclusion of support for Windows 8.1 devices and the introduction of email notifications for vulnerability events to Defender for Endpoint, both in public preview.
Microsoft Defender for Endpoint (previously known as Microsoft Defender Advanced Threat Protection or Microsoft Defender ATP) was made generally available for Macs in May 2019.
To test Defender’s new macOS vulnerability assessment capabilities, you will need an A5 or E5 Microsoft volume license.
You can follow these detailed instructions to onboard macOS endpoints to the Microsoft Defender for Endpoint service.
Defender for Endpoint protects all major platforms
Starting with October 2020, Microsoft Defender for Endpoint also provides admins with a report that helps them keep track of vulnerable Windows and macOS devices within their organization’s environment.
Among the insights that administrators can draw from this new Defender threat and vulnerability management report, Microsoft highlighted device vulnerability severity levels, exploit availability, vulnerability age, and vulnerable devices by operating system.
Microsoft Defender also got updated with a Microsoft Secure Score for Devices feature that can be used to evaluate the collective security configuration state of devices on enterprise networks.
It works by identifying unprotected devices and by providing recommended actions to boost the security of an organization’s endpoints.
Earlier this month, Microsoft announced that Defender for Endpoint’s detection and response (EDR) capabilities are also generally available on Linux servers.