Microsoft today announced that it plans to bring a version of its Defender ATP security platform to iOS and Android.
Defender ATP provides "preventive protection, post-breach detection, and automated investigation and response" for Windows and macOS, but it is unclear what the platform will offer on iOS given it is a sandboxed operating system. Existing "antivirus" apps for the iPhone typically only offer features such as identity theft and phishing prevention, website and phone call blocking, and VPN access.
Microsoft plans to share more details about Defender ATP for iOS and Android next week at the RSA Conference in San Francisco.
Top Rated Comments
However, I don't really see the point of this on MacOS. Macs already have a malicious software detection system, and so far it's done its job pretty admirably. I suppose Defender could help find Windows malware being downloaded to a Mac before it ends up on someone's other computer or Windows VM, but that seems like a limited usage scenario.
Regardless, though, having more options is great. Bring it on!
Are you finding it doing anything useful?It’s built on the same engine which ESET uses; and I’m already using that on my Mac.
Which is extremely valuable when you need to backtrack what was stolen, where it was moved, which other systems were impacted and what residual RAT/malware/persistence needs to be cleaned out afterwards during a breach?Yeah - and because it's all done on MS backend your complete network traffic - browser URLs your opening etc. - is logged on their backend (again: true for MS Defender ATP).
And your IT admins have a nice dashboard on i.e. https://securitycenter.windows.com/ where they "check"/see what your doing (which websites your opening, when and from where) on your device.
So from a privacy point of view - that's Orwellian total surveillance...
ANY sane IT-admin or infosec responsible sees all users of corporate resources as potential targets for intentional or unintentional compromise and data leak. The higher privilege the more counter measures and monitoring.Sure, if you think of your employees as threats, rather than human beings deserving of privacy.
Identity, information and device based posture in that order.