Microsoft announced that the Windows Defender Advanced Threat Protection (ATP) enterprise platform is now available for macOS as part of a limited preview starting today and rebranded as Microsoft Defender ATP to reflect its new cross-platform support.
According to Microsoft, “the user interface brings a similar experience to what customers have today on Windows 10 devices” and the client can be used on Mac computers running macOS Mojave, macOS High Sierra, or macOS Sierra.
As part of the limited preview, Microsoft Defender ATP for Mac is designed to provide antimalware protection with a full set of features, including:
• Running scans, including full, quick, and custom path scans (we recommend quick scans in nearly all scenarios)
• Reviewing detected threats
• Taking actions on threats, including quarantine, remove, or allow
• Disabling or enabling real-time protection, cloud-delivered protection, and automatic sample submission
• Adding exclusions for files and paths
• Managing notifications when threats are found
• Manually checking for security intelligence updates
Microsoft also says that some of the available options can be disabled by system administrators with the help of “Microsoft Intune or other Mac management consoles to prevent end users from making changes.”
To be considered for participation in the preview program, customers must have Microsoft Defender ATP tenant and one or more macOS machines in their environment.
Applying for preview will not guarantee being considered for approval given that Microsoft is currently selecting only a small group to participate in the program.
Redmond also announced the new Threat & Vulnerability Management component for Microsoft Defender ATP which helps security administrators and security operations teams with the “discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.”