Update: EDR for Linux is now generally available as of January 11, 2021.
Today, we are excited to announce the public preview of endpoint detection and response (EDR) capabilities in Microsoft Defender for Endpoint on Linux servers.
With the new Linux EDR capabilities, Defender for Endpoint customers will have the ability to detect advanced attacks that involve Linux servers, utilize rich experiences, and quickly remediate threats. This builds on the existing preventative antivirus capabilities and centralized reporting available via the Microsoft Defender Security Center.
Microsoft Defender for Endpoint on Linux supports recent versions of the six most common Linux server distributions:
With Defender for Endpoint EDR capabilities for Linux, your security team can immediately start benefiting from:
To get started with Microsoft Defender for Endpoint public preview capabilities, we encourage customers to turn on preview features in Microsoft Defender Security Center.
If you’re already running Microsoft Defender for Endpoint on Linux, we recommend that you switch some of your Linux servers to preview mode by running the following command on the device:
$ sudo mdatp edr early-preview enable
Please make sure you are running version 101.12.99 or higher. The version can be found in the output of “mdatp health”.
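For a rollout across several servers, the version check and the preview switch described above can be combined into one gate. The script below is an added example, not Microsoft's code: it assumes `mdatp health` reports the version on an `app_version : "x.y.z"` line, and the sample output and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: gate the preview switch on the agent version.
MIN_VERSION="101.12.99"   # minimum version stated in the post

# Constructed sample of `mdatp health` output, not captured from a real host.
# Assumption: the version is reported on a line  app_version : "x.y.z".
SAMPLE_HEALTH='healthy      : true
licensed     : true
app_version  : "101.9.100"'

# Read health text on stdin, print the app_version value (empty if absent).
health_app_version() {
    sed -n 's/^[[:space:]]*app_version[[:space:]]*:[[:space:]]*"*\([0-9][0-9.]*\).*/\1/p' |
        head -n 1
}

# Succeed when dotted version $1 >= $2, comparing each field as a number,
# so 101.9.100 is correctly older than 101.12.99 (a string compare says newer).
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}          # missing fields count as 0
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# Read health text on stdin and print the decision.
# Exit status: 0 = enable, 1 = too old, 2 = version not found (do not enable).
preview_decision() {
    v=$(health_app_version)
    [ -n "$v" ] || { echo "skip: app_version not found"; return 2; }
    if version_ge "$v" "$MIN_VERSION"; then
        echo "enable: $v"
    else
        echo "skip: $v is older than $MIN_VERSION"; return 1
    fi
}

if command -v mdatp >/dev/null 2>&1; then
    mdatp health | preview_decision && sudo mdatp edr early-preview enable
else
    printf '%s\n' "$SAMPLE_HEALTH" | preview_decision || true   # demo run
fi
```

On a host without `mdatp` the script only evaluates the constructed sample, which is reported as too old for the preview.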
If you are new to Microsoft Defender for Endpoint on Linux, learn how to get started by visiting our documentation and then enable the preview mode as explained above.
To test out the functionalities of EDR for Linux, follow the steps below to simulate a detection on your Linux server and investigate the case. Please share your feedback with us!
We are very excited to share today’s Linux EDR preview news with you, and your feedback is highly valuable to us! Join us on the journey to enhance Microsoft Defender for Endpoint on Linux. Try the new Linux EDR capabilities and submit feedback by joining the discussion below or by clicking the ‘send a smile/frown’ icon in the top right corner of the security center.
If you’re not yet taking advantage of Microsoft’s industry-leading optics and detection capabilities, sign up for a free trial of Microsoft Defender for Endpoint today.
Tomer Hevlin
Microsoft Defender for Endpoint Team