When we are talking with the Clients about Defender for Endpoint, there are a lot of questions regarding Windows and Linux VMs and differences between them. We tried to find the answers in documentation but without a luck.. Could you please answer those questions in details?
- What are the differences between depth of visibility into Windows and Linux systems by MS Defender?
- Is MS Defender also scanning applications installed on servers?
- How is vulnerability management on Windows and Linux machines working? How does it work at the system level, does it read it from memory or from some list of apps and versions installed on the system?
- What with scanning portable vulnerable software on Linux machines?
Have a good day