
SoylentNews is people

posted by chromas on Monday June 29 2020, @03:09PM
from the how-do-you-do,-fellow-kids? dept.

Microsoft releases Defender ATP for Linux:

On June 23, Microsoft released Microsoft Defender Advanced Threat Protection (ATP) for Linux for general use.

But before you get excited, while you could use this on a Linux desktop, this version of ATP is not meant for the desktop. It's to protect Linux servers from server and network threats. If you want protection for your standalone desktop, you're better off with a program such as ClamAV or Sophos Antivirus for Linux.

For sysadmins and security pros, Microsoft Defender Security Center is now available for monitoring and managing security across the full spectrum of enterprise desktop and server platforms -- Android, Windows, Windows Server, macOS, and Linux.


  • (Score: 0) by Anonymous Coward on Monday June 29 2020, @05:32PM (#1014174)

    Headline should read: Microsoft Releases Defender *APT* for Linux

    (Thanks Wikipedia)

    An advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.[1][2] In recent times, the term may also refer to non-state sponsored groups conducting large-scale targeted intrusions for specific goals.[3]

    Such threat actors' motivations are typically political or economic. Every major business sector has recorded instances of attacks by advanced actors with specific goals seeking to steal, spy or disrupt. These sectors include government, defense, financial services, legal services, industrial, telecoms, consumer goods and many more.[4][5][6] Some groups utilize traditional espionage vectors, including social engineering, human intelligence and infiltration to gain access to a physical location to enable network attacks. The purpose of these attacks is to place custom malicious code on one or multiple computers for specific tasks.[7]

    The median "dwell-time", the time an APT attack goes undetected, differs widely between regions. FireEye reports the mean dwell-time for 2018 in the Americas is 71 days, EMEA is 177 days and APAC is 204 days.[4] This allows attackers a significant amount of time to go through the attack cycle, propagate and achieve their objective.