Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
66,698
36,054



Microsoft today announced that it plans to bring a version of its Defender ATP security platform to iOS and Android.

microsoft-defender-atp-mac.jpg

Defender ATP provides "preventive protection, post-breach detection, and automated investigation and response" for Windows and macOS, but it is unclear what the platform will offer on iOS given it is a sandboxed operating system. Existing "antivirus" apps for the iPhone typically only offer features such as identity theft and phishing prevention, website and phone call blocking, and VPN access.

Microsoft plans to share more details about Defender ATP for iOS and Android next week at the RSA Conference in San Francisco.

Article Link: Microsoft Defender ATP Security Platform Coming to iOS and Android
 
Microsoft Defender is great on Windows; it's nice to finally have good malware protection on Windows without having to download third party antimalware software.

However, I don't really see the point of this on MacOS. Macs already have a malicious software detection system, and so far it's done its job pretty admirably. I suppose Defender could help find Windows malware being downloaded to a Mac before it ends up on someone's other computer or Windows VM, but that seems like a limited usage scenario.

Regardless, though, having more options is great. Bring it on!
 
However, I don't really see the point of this on MacOS. Macs already have a malicious software detection system, and so far it's done its job pretty admirably. I suppose Defender could help find Windows malware being downloaded to a Mac before it ends up on someone's other computer or Windows VM, but that seems like a limited usage scenario.

Regardless, though, having more options is great. Bring it on!

You are missing the bigger picture the Threat Protection service is offering here. This ties in to at least 5 other security services back end which is then correlated both on identity, device and information protection to give your enterprise a good picture of the current threat level on all of these items. Regardless of platform.

It is not just an AV like Windows Defender. It's a full stack EDR tool with an AI back end.
 
You are missing the bigger picture the Threat Protection service is offering here. This ties in to at least 5 other security services back end which is then correlated both on identity, device and information protection to give your enterprise a good picture of the current threat level on all of these items. Regardless of platform.

It is not just an AV like Windows Defender. It's a full stack EDR tool with an AI back end.

Yeah - and because it's all done on MS backend your complete network traffic - browser URLs your opening etc. - is logged on their backend (again: true for MS Defender ATP).
And your IT admins have a nice dashboard on i.e. https://securitycenter.windows.com/ where they "check"/see what your doing (which websites your opening, when and from where) on your device.
So from a privacy point of view - that's Orwellian total surveillance...
 
Yeah - and because it's all done on MS backend your complete network traffic - browser URLs your opening etc. - is logged on their backend (again: true for MS Defender ATP).
And your IT admins have a nice dashboard on i.e. https://securitycenter.windows.com/ where they "check"/see what your doing (which websites your opening, when and from where) on your device.
So from a privacy point of view - that's Orwellian total surveillance...

Which is extremely valuable when you need to backtrack what was stolen, where it was moved, which other systems were impacted and what residual RAT/malware/persistence needs to be cleaned out afterwards during a breach?
 
  • Like
Reactions: konqerror
Which is extremely valuable when you need to backtrack what was stolen, where it was moved, which other systems were impacted and what residual RAT/malware/persistence needs to be cleaned out afterwards during a breach?

Sure, if you think of your employees as threats, rather than human beings deserving of privacy.
 
  • Disagree
Reactions: konqerror
Sure, if you think of your employees as threats, rather than human beings deserving of privacy.
ANY sane IT-admin or infosec responsible sees all users of corporate resources as potential targets for intentional or unintentional compromise and data leak. The higher privilege the more counter measures and monitoring.

Identity, information and device based posture in that order.
 
  • Like
Reactions: konqerror
Sure, if you think of your employees as threats, rather than human beings deserving of privacy.

Key lesson: don't do private stuff on work computers. Protect yourself as well as your company.

Your company gets sued for something, they can be forced to turn over all your data for discovery by the lawyers.

Your company gets hacked, customer's personal data gets disclosed, then law enforcement is going to come in and look through all your data for forensics.

You work for the government, a public school or similar, your computer is subject to open records laws.

Nobody is forcing you to use work computers to browse social media and send private pictures. Just keep work and private life separate. It has to do with laws and security, and nothing to do with treating somebody as "human beings".
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.