Microsoft brings its Defender ATP anti-malware service for Windows to the Mac
Microsoft Corp. is bringing the security capabilities that it offers to enterprises on Windows to the Mac.
The company today released a new iteration of Windows Defender Advanced Threat Protection that runs natively on the three most recent versions of macOS. Microsoft has also rebranded the service to reflect its broadened focus: going forward, the offering will be distributed under the name Microsoft Defender ATP.
Defender ATP is a beefed-up, commercial version of the Windows Defender antivirus that Microsoft ships with its operating system. Sold as part of Office 365, the service scans devices for suspicious behavior using cloud-based machine learning algorithms. It can detect not only malware strains known to the cybersecurity community, but also completely new threats that don’t appear in any antivirus database.
Defender ATP sends breach alerts to a cloud-based console that lets administrators centrally view issues across their companies’ device fleets. Thanks to today’s update, the console will now display security information from Mac machines alongside the existing Windows endpoint data.
Microsoft has also added a new tool called Threat & Vulnerability Management that expands the range of threats Defender ATP can detect. The tool identifies whether a device is running applications with known weaknesses that can be exploited by hackers to launch attacks. Moreover, it ranks vulnerabilities in order of severity to make sure administrators fix the most pressing issues first.
Threat & Vulnerability Management flags vulnerabilities as high-priority if they affect an important system or if they’re being actively used as part of cyberattack campaigns. Similarly, the tool enables Defender ATP to detect misconfigured settings that might expose a device to attack.
Administrators can patch vulnerable endpoints using device management tools such as Microsoft’s Intune product. The Intune integration is not yet available for Mac deployments, but companies may already use a number of alternative products from external providers.
The macOS version of Defender ATP is currently in limited preview, while Threat & Vulnerability Management will roll out to early adopters within a month. The offering should find a receptive audience in large enterprises that use a combination of Windows and macOS to support employees. The ability to protect both endpoint fleets using the same product can potentially save quite a bit of work for administrators, as well as cut costs by reducing the need for external security tools.