Windows Defender ATP is dead. Long live Microsoft Defender ATP

Redmond's anti-malware now coming to a Mac near you

Microsoft nudged the Windows brand further out of the limelight today by thwacking its anti-malware package with the rebranding stick. Behold, Microsoft Defender ATP.

The change is necessary, as Microsoft is unleashing its endpoint protection platform onto the hitherto virgin territory of macOS.

Windows Defender first put in an appearance in Windows XP as an anti-malware component, evolving over the years until being renamed Windows Defender Antivirus as the software dug itself deeper into the Windows 10 operating system.

The Advanced Threat Protection (ATP) incarnation extended the functionality for Microsoft 365 customers, adding in detection and exploration over devices and identities, as well as automation to clean up the messes inflicted by miscreants where possible.

In February the gang added "Microsoft Threat Experts" into the mix, to speed up the response to threats.

According to Microsoft 365 head honcho, Brad Anderson, around 27 per cent of Windows 7 users actually use the thing. The figure rises to 55 per cent of all commercial PCs on Windows 10, either because, as Anderson said, "It's built in. It's a great experience. It's always up to date. It's always compatible" or maybe just because it is hard to avoid it, and IT admins like an easy life.

To be fair, in my experience, Windows Defender is far less of a resource hog than the products of certain other vendors, although customers have plenty of choice. A report by Statista put AVAST as the number one Windows anti-malware application vendor followed by Malwarebytes. The latter also enjoys quite a bit of love in the Apple community, according to one enterprise specialist we spoke to.

As part of Microsoft's ongoing effort to move beyond Windows with the likes of Microsoft 365, it is extending this protection to other operating systems, starting with macOS. After all, once you're paying for Office, what's a little extra anti-malware between friends?

The newly renamed Microsoft Defender ATP is available for macOS now in a limited preview.

Threat and Vulnerability Management

The Defender ATP team has also pushed out to preview additional technology to deal with known vulnerabilities and misconfigurations that can be exploited by miscreants. Dubbed 'Threat and Vulnerability Management', the tech is geared up to scan the endpoints of an organisation and flag up weaknesses.

Anderson told us that the technology was agentless (Defender having been built into the operating system for a while now). "It's constantly monitoring the configuration and the settings of the device and when it sees that there is anything that is a known threat or a known vulnerability that is exposed, it automatically brings that to the attention of IT and IT can take automated action on that to clean it."

Players of the Redmond drinking game will be delighted to spot the acronym "AI" in the announcement of the technology as an aid to identify nefarious activity. Admins should, however, be aware that in order to do the magic, Microsoft does need to suck telemetry from devices into its cloud.

According to Anderson, "It is just diagnostic data that allows us to make sure that we're giving the direction to IT to take action."

While Microsoft has published the definition for the data it is collecting, Anderson stated the obvious, "When you sign up to use this threat and vulnerability management, that does get commensurate with a level of that telemetry. And so it ties into a level of telemetry that you have to enable on Windows that is published."

In other words, if you want to use Microsoft's new smarts, you're going to have to hand over some data.

Wary perhaps of the notoriously litigious world of anti-virus, Microsoft stated that the new toys would be "in addition to the existing partner integrations already available."

Handy, because only this week anti-virus vendor McAfee was trumpeting its own integration in Microsoft Teams.

The Teams app will, of course, be a standard part of Office 365 ProPlus as default by the end of March. ®
