Software

OSes

Microsoft's beefed-up take on Linux server security has hit general availability

Endpoint Detection and Response added. For servers, not standalone Linux desktops, mind


After a few months in preview, Microsoft has made Defender Endpoint Detection and Response (EDR) generally available for Linux servers.

Microsoft has extended its Defender product over multiple platforms throughout the last year or so, having shaved the "Windows" prefix from the system. Android, macOS, and iOS have all joined the party and Microsoft Defender for Endpoint turned up for Linux around six months ago.

The theory goes that administrators with a mixed network can onboard devices via the same portal and view alerts in what Microsoft describes as a "single pane of glass experience".

The EDR support enriches the capability with extra timeline features and enhancements to the advanced hunting tool. "Customers can use this capability," according to Microsoft, "to search for threats across Linux servers, exploring up to 30 days of raw data."

Why make games for Linux if they don't sell? Because the nerds are just grateful to get something that works

READ MORE

It's handy stuff for admins already familiar with the Windows experience and keeps procedures consistent. Users can include elements such as process and file creation in their investigations as well as gather insight into where a threat or malicious activity came from.

Six Linux distributions are supported at present: RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS (or higher LTS), SLES 12+, Debian 9+, and Oracle Linux 7.2. The platform can be deployed and configured with Puppet, Ansible, "or using your existing Linux configuration management tool."

There remains no love for a standalone Linux desktop at this stage; this is aimed squarely at servers, although there are no shortage of alternatives from vendors such as Sophos or F-Secure.

Users already running Microsoft Defender for Endpoint (Linux) will get the EDR capability with an agent update. Those who opted into the preview programme last year will also need to update the agent.

And, of course, Microsoft Defender for Endpoint (Linux) will require the Servers licence. ®

Send us news
8 Comments

EU antitrust cops probe Microsoft ties between Entra ID and 365 services

Google claims rival has made an 'art and science' out of licensing

Developers beware, Microsoft's domain shakeup is coming soon

If you don't pay attention, your lovely little Teams app will stop working

Microsoft says AI alliances are needed to compete with Google

Only the Chocolate Factory is 'vertically integrated' to win at 'every AI layer from chips to a thriving mobile app store'

Linux kernel 4.14 gets a life extension, thanks to OpenELA

Could this be the first green shoot of enterprise vendors paying for long-term maintenance?

Licensing labyrinth for Power Apps and Dynamics 365 must be clarified, warns expert

Rules still unclear for Microsoft users making potentially costly decisions on enterprise applications

Microsoft hits Inflection point, peels off top personnel to form AI division

FYI, FTC: Karén Simonyan, DeepMind co-founder Mustafa Suleyman absorbed rather than acquired

The end of classic Outlook for Windows is coming. Are you ready?

Microsoft prepares to replace an old faithful with something shiny, new, and lacking key features. Sound familiar?

First release candidate of Linux kernel 6.9 looks 'fairly normal,' says Torvalds

Improved workqueues mean the end of tasklets is looming at long last

Fresh version of Windows user-friendly Zorin OS arrives to tempt the Linux-wary

Adding extra shine to Ubuntu Jammy… with the lightweight edition to follow

Microsoft promises Copilot will be a 'moneymaker' in the long term

Exec tells investors to 'temper' expectations as mission to convince customers of price tag continues

Intel throws chips on the table, Microsoft plays the Copilot card in wild bet on AI PCs

Does anyone actually want one?

Microsoft gets new Windows boss as Start Menu man Parakhin 'to explore new roles'

More MS moves just a week after new AI unit and other changes announced