Announcing Microsoft Defender ATP for Mac and new Threat and Vulnerability Management capabilities

March 20, 2019

On February 28, 2019, we announced Microsoft Threat Experts, a new managed hunting service within the Microsoft 365 Security portfolio that enables customers to extend their expertise and insights with the help of Microsoft security professionals. This release showcased our philosophy that security is about leveraging cloud services to enable new and better approaches to protecting your business, and it’s about people—the people you protect and the people who do the protecting.

Today, we’re excited to announce two additions to our endpoint security platform:

  • Beginning today, we’re extending our endpoint protection platform to support additional operating systems with Microsoft Defender Advanced Threat Protection (ATP) for Mac, available now in limited preview. With this expansion, we’re also renaming the Windows Defender ATP platform to Microsoft Defender ATP.
  • We’re making Threat and Vulnerability Management (TVM) capabilities available in Microsoft Defender ATP to discover, prioritize, and remediate threats and vulnerabilities, available today in preview.

These new capabilities—along with others shared on the Microsoft 365 blog from across Microsoft 365—build on the strong security advancements we made to enable customers to protect against an ongoing increase in the volume and sophistication of attacks.

Discover, prioritize, and remediate threats with Threat and Vulnerability Management

Reducing organizational risk and increasing resilience by quickly identifying, assessing, and remediating weaknesses in your endpoints is critical to a successful security posture. We’re leveraging our endpoint sensors for real-time visibility, worldwide optics of Microsoft and third-party installed applications, and threat intelligence to help our customers prioritize and focus on the weaknesses that pose the highest risk to their organization right now.

Threat and Vulnerability Management (TVM) is a new capability within Microsoft Defender ATP designed to empower security teams to discover, prioritize, and remediate known vulnerabilities and misconfigurations exploited by threat actors. Customers will be able to evaluate the risk level of threats and vulnerabilities and prioritize remediation based on signals they receive from Microsoft Defender ATP. Customers can also speed up mitigations by leveraging the integrated remediation processes to bridge the gap between security and IT teams.

Extending the existing capabilities of TVM in Microsoft Defender ATP adds:

  • Real-time detection insights correlated with endpoint vulnerabilities.
  • Machine vulnerability context during incident investigations.
  • Built-in remediation processes through integration with Microsoft Intune and Microsoft System Center Configuration Manager.

TVM will be available as a public preview for Microsoft Defender ATP customers within the next month. Learn more about it in our Tech Community blog.

Extending support for our endpoint protection platform

Customers value the unique capabilities that our comprehensive platform offers, including built-in sensors, cloud scalability, unparalleled optics, artificial intelligence (AI) and machine learning-based protection to enhance the power of defenders, and the seamless integration with Microsoft’s identity and information protection solutions. We understand that our customers have heterogeneous environments and require holistic protection to cover the full extent of their environment. We’re pleased to announce that we’re building a first-party solution to protect additional operating systems, in addition to the existing partner integrations already available.

Starting today, Microsoft Defender ATP customers can sign up for a limited preview, which will provide next-gen antivirus protection on Mac, and we will be adding Endpoint Detection and Response, as well as TVM capabilities, during the preview program. You can learn more about this expansion of capabilities in our Tech Community blog.

As attacks continue to rise in both volume and sophistication, Microsoft is committed to support and empower the world’s critical cybersecurity defenders. We’re continuously innovating in new capabilities and taking advantage of the scale and intelligence of our services so that together we can keep customers safe.

On behalf of the entire team,

Rob Lefferts