

In some cases, customers will need to use exclusion capabilities to optimize even more.
The current release is optimized for code compilation (to support developers) and for large software deployments and updates (to support the majority of macOS customers). The Microsoft Defender ATP team is continuously investing in performance improvements. These factors present challenges to all security solutions. The performance of security agents is influenced by a variety of factors: the operating system, different endpoint use cases, multiple installed security agents, and the specifications of the device itself.

files, processes, network connections, alerts) are available for exploration on macOS devices.
The rest of the investigation experience, such as the hyperlinked exploration between the different monitored entities, is the same as with Windows devices. The solid architecture also seamlessly enables custom detections on top of the advanced hunting capabilities. Now, customers can use this capability to search for threats across macOS devices, exploring up to 30 days of raw data. Our popular advanced hunting tool allows customers to perform free-form investigations using a powerful query engine and an ever-growing set of useful shared queries. The machine timeline is just one piece of the investigation story. This detection dictionary is growing with more monitoring capabilities and ongoing excellent research by our security teams.
In the Microsoft Defender ATP for Mac EDR public preview announcement, we also discussed the post-breach detection capability with an example scenario that customers can use to experience the feature. In future incremental releases we will expose more and more monitoring capabilities. The machine timeline includes information about process creation, network connections, and file creations. The machine timeline below demonstrates this capability. With the newly enabled EDR support, customers can get detections with even richer context. With Microsoft Defender ATP for Mac, customers can better protect macOS endpoints, get these machines onboarded in the same portal as their Windows devices, and expand the single pane of glass experience to include macOS-related alerts. With that in mind, the Microsoft Defender ATP team is now delivering core EDR functionality for macOS. Earlier this year, we announced the availability of Microsoft Defender ATP for Mac with preventive antivirus capabilities. Our design partners, who influence our priorities, asked for competitive detection coverage with a unified investigation experience under strict performance requirements. Getting customer feedback in our development process is critical to ensuring we create products our customers love. Microsoft Defender ATP for Mac was designed and is continuously enhanced in collaboration with our customers. Customers can expect the same familiar investigation experience, the same solid backend, and the same consistent progression of features coupled with excellent performance that have historically been Microsoft Defender ATP’s signature. We are extending Microsoft Defender ATP capabilities into non-Windows platforms in line with our commitment to build security solutions not just for Microsoft, but also from Microsoft.
We are excited to announce that Microsoft Defender Advanced Threat Protection (ATP) endpoint detection and response (EDR) capabilities for macOS devices are now generally available.
