lswcap
The Android version of Microsoft Defender ATP, a security software developed by Microsoft, has been released as a preview. The release for Linux is also being launched at the same time, and cross-platform responses are being carried out.
In March 2019, Microsoft renamed its security software (Windows Defender Advanced Threat Protection) to Microsoft Defender ATP. In addition, in July of last year, the Mac version was released, and in February of this year, a preview for Linux was released. The Android version was announced at the RSA Conference 2020, followed by a preview version on June 23.
There are 4 main functions provided by this product. The first is to protect your device from phishing apps or websites, or from unsafe network connections. It uses the Microsoft Defender SmartScreen service, blocks insecure network access, and alerts users. Device access status is notified to the in-house security team through the Microsoft Defender Security Center and can be responded to by removing unauthorized devices from the corporate network or blocking access to internal applications. In addition, functions such as customizing the blocked URLs or domains individually can be implemented and set in the Security Center.
The second is the malicious code scan function. Android already has features to restrict app installation sources and search for dangerous apps, such as Google Play protection. However, Defender ATP has further enhanced these features. It has a heuristic engine that makes virus decisions not by pattern match, but by analogy, and cloud protection through deep learning, so it can scan for malware and potentially unwanted apps.
The third is to block access to confidential data using Microsoft Intune and Configuration Manager. For example, if a malicious app is installed and Microsoft Defender ATP detects it, the device is classified as high risk. Microsoft Intune, which manages mobile devices, can manage access to data according to device security risks by referring to predefined risk level access rules.
Fourth is security operation integration. It is possible to integrate Android security management with other platform security management by linking with Microsoft Defender Security Center. This feature is similar to that provided by Microsoft Defender ATP for Windows, Mac and Linux.
At the same time as providing a preview of the Android version, Microsoft has also begun the public release of Linux. In addition, the iOS version is expected to be available in the second half of this year. Related information can be found here .
Add comment