Microsoft is bringing Windows Defender ATP to Mac OS devices. The company is renaming its endpoint security platform to Microsoft Defender ATP, to reflect the extension to Mac systems.
In addition, Microsoft is adding Threat and Vulnerability Management (TVM) functionality to Microsoft Defender Advanced Threat Protection. These new features evaluate the risk level of threats and vulnerabilities based on detections from Microsoft Defender ATP.
According to Microsoft's release, TVM includes:
- real-time endpoint detection and response (EDR) insight;
- machine vulnerability information during incident investigations; and
- remediation through Microsoft Intune and Microsoft System Center Configuration Manager.
Defender for Mac OS comes as a response to the increase of malware attacks on Mac devices. Apple systems have traditionally been regarded as safer, but not because they are more secure.
"There's long been a general misperception that Macs are 'safe' because they haven't been widely targeted by commodity malware," said Josh Zelonis, senior analyst for security and risk professionals at Forrester Research. "This is more a property of the threat model than a statement about the quality of the Mac OS, and we're now hearing more and more about campaigns targeting Mac OS."
Windows operating systems account for about 75% of the market share, and Mac OS holds only about 12%, according to StatCounter. It does not make sense for hackers to run a broad campaign specifically targeting Mac OS because of the large share that Windows has in the market, Zelonis said.
Microsoft closed the Defender ATP for Mac limited preview on April 1, and will open the preview to the public later in the month. It will include endpoint detection and response, as well as TVM capabilities.
Microsoft Defender ATP for Mac OS and TVM are part of the Microsoft 365 revamp. New features include: Windows Virtual Desktop, which is now in public preview; the addition of the Microsoft Teams app to Office 365 ProPlus; ease of Windows 10 feature updates for deployment, Configuration Manager and Microsoft Intune enhancements; and the Microsoft 365 admin center.