Here is a summary of the changes and features introduced to Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection (ATP)) during the month.
1. Microsoft introduces new response and investigation capabilities for macOS and Linux:
- Investigation package collection (for forensic purposes) and file collection are now available on macOS and Linux.
- Troubleshooting mode allows administrators to create custom local configuration policies on macOS by temporarily overriding the Tamper Protection feature for troubleshooting purposes (performance, application compatibility, etc.).
2. In the March release of the Defender for Endpoint client for macOS (Build: 101.24012.0010 | Release version: 20.124012.10.0), bug fixes and performance improvements are included.
3. In the March release of the Defender for Endpoint client for Linux (Build: 101.24022.0001 | Release version: 30.124022.0001.0), a new log file has been added: microsoft_defender_scan_skip.log. This file records the names of files that were skipped during various antivirus scans by Microsoft Defender for Endpoint, for any reason. Stability and performance improvements as well as bug fixes are also included.
4. In the March release of the Defender for Endpoint client for Android (1.1.51240101), bug fixes and various improvements are included, along with a feature to help individuals and families better protect their personal data online by extending Defender capabilities to credit monitoring in the United States. In addition to identity theft monitoring on the dark web, you can now monitor your credit, receive credit alerts, and access your credit report.
5. In the March version of the Defender for Endpoint client for iOS (1.1.51240101), bug fixes and improvements are included.