SoylentNews is people
SoylentNews
Microsoft announced today that Microsoft Defender for Endpoint's detection and response (EDR) capabilities are now generally available on Linux servers.
EDR capabilities allow admins and security teams to spot attacks targeting or involving Linux servers in their environments almost in real-time with the help of alerts automatically aggregated as incidents based on attacker techniques and attribution.
This adds to the already existing preventative antivirus capabilities and the centralized reporting features available to admins via the Microsoft Defender Security Center.
[...] "If you are already running Microsoft Defender for Endpoint (Linux) preventive AV in production, your devices will seamlessly receive the new EDR capability as soon as you update the agent to version 101.18.53 or higher," Microsoft Senior Product Manager Tomer Hevlin said.
Do members of our community trust Microsoft for their Linux and Linux security needs?
(Score: 1, Interesting) by Anonymous Coward on Thursday January 14 2021, @06:18AM
On one hand, this thing looks like exercise in checking them checkboxes.
On the other hand, it sure provides an interesting mode of access to linux servers, for the multinational corporation/unholy cabal, who pushes out updates for this thing.
On the third.. (tentacle?) its a good idea - increase the attack surface by having more code parse the input of any kind. especially from the network.
Makes windows look better in the eyes of terminally retarded, increases chances of infection and Compliance...
PS: Does this thing install kernel modules? :D
Then technically, this is a major improvement.
No longer is microsoft content to insert new and exciting complete-security-model-bypass type of bugs by the thousand in the windows kernel, now they insert these in other unrelated operating systems kernels...
I like this new microsoft!